๐ณ๐ฑ
Site.eu
2026-07-06 21:20:12
(2 days ago)
Excessive multi-domain requests
Brute-Force
๐จ๐ฟ
ptlab
2026-07-06 18:45:36
(3 days ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐ฉ๐ช
maxpower
2026-07-06 17:37:11
(3 days ago)
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 196.177.42.225 (TN/Tunisia/-): 2 in the ...
show more
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 196.177.42.225 (TN/Tunisia/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 196.177.42.225 - - [06/Jul/2026:19:37:03 +0200] "GET /wp-config.php.bak HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=www.colleflorido.it
196.177.42.225 - - [06/Jul/2026:19:37:03 +0200] "GET /wp-config.php.bak HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=www.falone.com
show less
Port Scan
๐ซ๐ท
masterguru
2026-07-06 16:41:46
(3 days ago)
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ...
show more
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-197)
show less
Hacking
๐ฉ๐ช
maxpower
2026-07-06 15:56:28
(3 days ago)
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 196.177.42.225 (TN/Tunisia/-): 2 in the ...
show more
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 196.177.42.225 (TN/Tunisia/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 196.177.42.225 - - [06/Jul/2026:17:56:25 +0200] "GET /wp-config.php.bak HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=falone.com
196.177.42.225 - - [06/Jul/2026:17:56:25 +0200] "GET /wp-config.php.bak HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=falone.com
show less
Port Scan
๐ฉ๐ช
maxpower
2026-07-06 14:58:17
(3 days ago)
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 196.177.42.225 (TN/Tunisia/-): 2 in the ...
show more
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 196.177.42.225 (TN/Tunisia/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 196.177.42.225 - - [06/Jul/2026:16:58:15 +0200] "GET /wp-config.php.save HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=www.etag.it
196.177.42.225 - - [06/Jul/2026:16:58:15 +0200] "GET /wp-config.php.bak HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=www.etag.it
show less
Port Scan
Anonymous
2026-07-06 08:05:47
(3 days ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=22
Hacking
๐ฎ๐ฉ
David Koswari
2026-07-06 05:26:00
(3 days ago)
REQ_BLOCKED_SECURITY
DDoS Attack
FTP Brute-Force
Ping of Death
Port Scan
Hacking
SQL Injection
Spoofing
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
SSH
IoT Targeted
๐บ๐ธ
TPI-Abuse
2026-07-06 05:08:41
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 196.177.42.225 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 196.177.42.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:08:35.562549 2026] [security2:error] [pid 18518:tid 18518] [client 196.177.42.225:53725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hertzan.com"] [uri "/wp-config.php.bak"] [unique_id "aks4Uwe74Bf_7urwNCKXZwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 03:48:53
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 196.177.42.225 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 196.177.42.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 23:48:49.150938 2026] [security2:error] [pid 7359:tid 7359] [client 196.177.42.225:49813] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bamedica.com"] [uri "/wp-config.php.bak"] [unique_id "aksloR3znNE_rJ0hfRVwWQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-06 03:42:41
(3 days ago)
Multiple WAF Violations
Web App Attack
๐ณ๐ฑ
Savvii
2026-07-06 01:40:19
(3 days ago)
30 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2026-07-05 23:59:50
(3 days ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-05 23:58:57
(3 days ago)
10 requests with url.original /wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config ...
show more
10 requests with url.original /wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php
show less
Brute-Force
Bad Web Bot
๐ฉ๐ช
paissangroup
2026-07-05 23:31:35
(3 days ago)
Multiple WAF Violations
Web App Attack