๐ฆ๐บ
screwlooseit.com.au
2026-07-04 12:57:39
(4 hours ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
NL/Netherlands/-
Web App Attack
๐บ๐ธ
TAY
2026-06-14 16:58:47
(2 weeks ago)
45.130.202.13 - - [15/Jun/2026:00:49:14 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5874 "-" "Jetpack/12. ...
show more
45.130.202.13 - - [15/Jun/2026:00:49:14 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5874 "-" "Jetpack/12.5; WordPress/6.2; http://site92532096.com"
45.130.202.13 - - [15/Jun/2026:00:53:07 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5874 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)"
45.130.202.13 - - [15/Jun/2026:00:58:46 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5874 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)"
...
show less
Brute-Force
Anonymous
2026-06-14 09:54:25
(2 weeks ago)
45.130.202.13 - - [14/Jun/2026:11:51:49 +0200] "GET /wp-includes/blocks/file/wp-style.php HTTP/1.1" ...
show more
45.130.202.13 - - [14/Jun/2026:11:51:49 +0200] "GET /wp-includes/blocks/file/wp-style.php HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95"
45.130.202.13 - - [14/Jun/2026:11:51:50 +0200] "GET /wp-content/mu-plugins/admin.php HTTP/1.1" 404 498 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
45.130.202.13 - - [14/Jun/2026:11:51:50 +0200] "GET /wp-includes/IXR/class-IXR-cilent.php HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
45.130.202.13 - - [14/Jun/2026:11:51:50 +0200] "GET /wp-content/uploads/wp-cert.phtml HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95"
45.130.202.13 - - [14/Jun/2026:11:51:50 +0200] "GET /about/functi
...
show less
DDoS Attack
๐ซ๐ท
dynamix
2026-06-14 07:45:21
(2 weeks ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 15:09:07
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:08:56.051128 2026] [security2:error] [pid 13270:tid 13270] [client 45.130.202.13:35415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.versacardio.com"] [uri "/.env"] [unique_id "ai1yiOv5ZdNxYkreT6J8YAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 07:42:01
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 03:41:57.646104 2026] [security2:error] [pid 20507:tid 20507] [client 45.130.202.13:51171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grayarea.us"] [uri "/wp-includes/js/wp-config.php"] [unique_id "ai0JxZnD35YApRgYKVE3tAAAAHw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 06:53:03
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:52:55.872151 2026] [security2:error] [pid 1706:tid 1706] [client 45.130.202.13:30375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.geo-modal.nodepot.com"] [uri "/.git/HEAD"] [unique_id "aiz-RyAE4mSwX059LXcA2wAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 23:38:47
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 19:38:43.014353 2026] [security2:error] [pid 24956:tid 24956] [client 45.130.202.13:36605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jgraue.onyxcc.com"] [uri "/.git/HEAD"] [unique_id "aiyYgwFTiFK73ky_QYswMAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 18:50:26
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 14:50:19.318264 2026] [security2:error] [pid 3952:tid 3952] [client 45.130.202.13:23561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kh6jim.com"] [uri "/.env"] [unique_id "aixU66INAjXDCfNUsEo7XwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-06-12 13:09:49
(3 weeks ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 07:07:35
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:07:25.799733 2026] [security2:error] [pid 10652:tid 10652] [client 45.130.202.13:29391] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "survey.joebankx.com"] [uri "/.git/HEAD"] [unique_id "aiuwLdQOl3gkZ2aKhkqhiQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
YF
2026-06-12 05:00:12
(3 weeks ago)
Git HEAD exposure probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 22:52:02
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.202.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:51:55.992467 2026] [security2:error] [pid 3026:tid 3032] [client 45.130.202.13:40839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.vinylnotespodcast.com.104ventures.com"] [uri "/.git/HEAD"] [unique_id "ais8C0s6UzjtFmJ1AMkCEgAAAEA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Octopuce
2026-06-09 19:59:38
(3 weeks ago)
Aggressive web search of vulnerable pages: /wp-login.php /web.php /wp-admin/css/colors/ocean/about.p ...
show more
Aggressive web search of vulnerable pages: /wp-login.php /web.php /wp-admin/css/colors/ocean/about.php /images/index.php /wp-content/bypass.php ...
show less
Web App Attack
๐ณ๐ฑ
Savvii
2026-06-09 13:39:42
(3 weeks ago)
10 attempts against mh-misc-ban on frost
Web App Attack