๐ณ๐ฑ
homeshowdomain.nl
2026-07-07 21:59:20
(18 hours ago)
Auto-ban: >3000 req/min op 2026-07-07
Web App Attack
SSH
Hacking
๐ง๐ช
cmbplf
2026-07-07 19:39:43
(20 hours ago)
179 requests with url.path /phpinfo.php
175 requests with url.path *phpinfo.php
171 requests with ...
show more
179 requests with url.path /phpinfo.php
175 requests with url.path *phpinfo.php
171 requests with url.path */wp-content/plugins/hellopress/wp_filemanager.php
show less
Brute-Force
Bad Web Bot
๐ซ๐ท
ACE-INFORMATIQUE.NC
2026-07-07 19:00:07
(21 hours ago)
Bad Web Bot + Web App Attack blocked by Fail2ban
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 18:19:46
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 20.205.44.27 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 20.205.44.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 14:19:40.401770 2026] [security2:error] [pid 2045:tid 2045] [client 20.205.44.27:10092] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.conventfriends.org"] [uri "/wp-config.php"] [unique_id "ak1DPMpvQvksVoBmIDuhSAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2026-07-07 18:18:32
(21 hours ago)
Probing websites for vulnerabilities
Web App Attack
๐บ๐ธ
Operator873
2026-07-07 18:10:05
(22 hours ago)
2026/07/07 13:04:55 [error] 2367316#0: *1319942 access forbidden by rule, client: 20.205.44.27, serv ...
show more
2026/07/07 13:04:55 [error] 2367316#0: *1319942 access forbidden by rule, client: 20.205.44.27, server: [OBFUSCATED], request: "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1", host: "wildcard.n5txl.com"
2026/07/07 13:04:55 [error] 2367316#0: *1319942 access forbidden by rule, client: 20.205.44.27, server: [OBFUSCATED], request: "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1", host: "wildcard.n5txl.com"
2026/07/07 13:04:55 [error] 2367316#0: *1319942 access forbidden by rule, client: 20.205.44.27, server: [OBFUSCATED], request: "GET /this_is_a_new_hello_world.php HTTP/1.1", host: "wildcard.n5txl.com"
2026/07/07 13:04:55 [error] 2367316#0: *1319942 access forbidden by rule, client: 20.205.44.27, server: [OBFUSCATED], request: "GET /this_is_a_new_hello_world.php HTTP/1.1", host: "wildcard.n5txl.com"
2026/07/07 13:10:02 [error] 2367316#0: *1320022 access forbidden by rule, client: 20.205.44.27, server: [OBFUSCATED], request: "GET /god4m.php
...
show less
Brute-Force
Web App Attack
Anonymous
2026-07-07 18:00:13
(22 hours ago)
Bot / seems abusive / Apache connections: 27
DDoS Attack
Web Spam
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 17:53:22
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 20.205.44.27 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 20.205.44.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:53:15.044595 2026] [security2:error] [pid 19694:tid 19694] [client 20.205.44.27:6520] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.therennas.com"] [uri "/wp-config.php"] [unique_id "ak09C8NSm8IggP5XhozcSQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ด
jad-abuse
2026-07-07 17:31:32
(22 hours ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_login, ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_login, wp_admin, wp_cron. Observed by 1 sensor(s); 116 hits.
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 17:31:19
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 20.205.44.27 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 20.205.44.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:31:12.165427 2026] [security2:error] [pid 22944:tid 22944] [client 20.205.44.27:12452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.hongkonger.org"] [uri "/wp-config.php"] [unique_id "ak034IbqXlbl3a3CUQDuTwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-07 17:25:48
(22 hours ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.205.44.27 (HK/Hong Kong/-): 1 in t ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.205.44.27 (HK/Hong Kong/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ฑ๐ป
garmtech.com
2026-07-07 17:17:04
(22 hours ago)
Attempted access to sensitive endpoint (/wp-content/plugins/hellopress/wp_filemanager.php) detected. ...
show more
Attempted access to sensitive endpoint (/wp-content/plugins/hellopress/wp_filemanager.php) detected. Automated scan or unauthorized probing.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 17:12:41
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 20.205.44.27 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 20.205.44.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:12:35.544562 2026] [security2:error] [pid 27127:tid 27127] [client 20.205.44.27:11305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.blindshine.com"] [uri "/wp-config.php"] [unique_id "ak0zg1SVVEBmmxNps8iWDwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-07-07 17:12:00
(23 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ณ๐ฑ
Site.eu
2026-07-07 17:09:35
(23 hours ago)
Excessive multi-domain requests
Brute-Force