๐บ๐ธ
nodepile
2026-07-04 09:29:49
(7 hours ago)
Requests denied due to active blacklist hits (tenant=82 method=GET path=/customer/account/forgotpass ...
show more
Requests denied due to active blacklist hits (tenant=82 method=GET path=/customer/account/forgotpassword/angel-eyes/led-drl-rgbw-boards.html ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Avast/131.0.0.0')
show less
Web App Attack
Exploited Host
๐ฉ๐ช
mygcode.de
2026-07-04 05:48:02
(11 hours ago)
Bruteforce Drupal Login - Detected by Honeypot
Brute-Force
๐บ๐ธ
mnsf
2026-06-25 21:13:30
(1 week ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ฆ๐บ
oncord
2026-06-18 19:00:48
(2 weeks ago)
Form spam
Web Spam
๐ฆ๐บ
MAGIC
2026-06-12 02:20:57
(3 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-22 13:56:14
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 45.130.81.89 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210350) triggered by 45.130.81.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 09:56:08.088631 2026] [security2:error] [pid 12265:tid 12265] [client 45.130.81.89:30793] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||4dbm.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "4dbm.com"] [uri "/archivarix.cms.php"] [unique_id "ahBgeEK9935sdrKMOQ4rbgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-22 12:59:13
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 45.130.81.89 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210350) triggered by 45.130.81.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 08:59:03.703631 2026] [security2:error] [pid 604:tid 604] [client 45.130.81.89:54801] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||3DSportsChannel.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "3dsportschannel.com"] [uri "/inde.cgi.com/index.cgi"] [unique_id "ahBTF9Mph_CiYM5Ja3XNDwAAAAI"], referer: http://3DSportsChannel.com/inde.cgi.com/index.cgi
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-22 12:38:23
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 45.130.81.89 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210350) triggered by 45.130.81.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 08:38:19.722118 2026] [security2:error] [pid 14503:tid 14503] [client 45.130.81.89:50819] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||36hoursonly.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "36hoursonly.com"] [uri "/archivarix.cms.php"] [unique_id "ahBOOwKT9X9lU6ilG8JXOgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
vbios.com
2026-05-20 20:57:53
(1 month ago)
404_Brute-Force
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-20 16:03:51
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 45.130.81.89 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210350) triggered by 45.130.81.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 12:03:12.855717 2026] [security2:error] [pid 6765:tid 6787] [client 45.130.81.89:56233] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||tvpin.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "tvpin.com"] [uri "/index.cgi"] [unique_id "ag3bQAoKkrfPLengCjRdjwAAABQ"], referer: http://tvpin.com/index.cgi
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Jason Howell
2026-05-15 11:30:13
(1 month ago)
45.130.81.89 - - [15/May/2026:06:27:19 -0500] "POST //xmlrpc.php HTTP/1.1" 200 3013 "-" "Mozilla/5.0 ...
show more
45.130.81.89 - - [15/May/2026:06:27:19 -0500] "POST //xmlrpc.php HTTP/1.1" 200 3013 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36"
45.130.81.89 - - [15/May/2026:06:27:45 -0500] "POST //xmlrpc.php HTTP/1.1" 200 3012 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36"
45.130.81.89 - - [15/May/2026:06:29:41 -0500] "POST //xmlrpc.php HTTP/1.1" 200 3013 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Edg/139.0.3124.85"
45.130.81.89 - - [15/May/2026:06:29:48 -0500] "POST //xmlrpc.php HTTP/1.1" 200 3012 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36"
45.130.81.89 - - [15/May/2026:06:30:12 -0500] "POST //xmlrpc.php HTTP/1.1" 200 3013 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.
...
show less
Web App Attack
๐ฉ๐ช
Admin-Gito
2026-05-15 06:20:58
(1 month ago)
45.130.81.89 - - [15/May/2026:08:17:37 +0200] "POST //xmlrpc.php HTTP/1.1" 200 3150 "-" "Mozilla/5.0 ...
show more
45.130.81.89 - - [15/May/2026:08:17:37 +0200] "POST //xmlrpc.php HTTP/1.1" 200 3150 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 Edg/140.0.3124.85"
45.130.81.89 - - [15/May/2026:08:18:10 +0200] "POST //xmlrpc.php HTTP/1.1" 200 3151 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 OPR/120.0.0.0"
45.130.81.89 - - [15/May/2026:08:19:45 +0200] "POST //xmlrpc.php HTTP/1.1" 200 3150 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:136.0) Gecko/20100101 Firefox/138.0"
...
show less
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-05-05 01:28:45
(1 month ago)
885 requests with url.path //xmlrpc.php
Brute-Force
Bad Web Bot
๐ฉ๐ช
FeG Deutschland
2026-05-05 00:44:59
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 27
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-26 12:11:31
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 45.130.81.89 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 45.130.81.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 08:11:24.575788 2026] [security2:error] [pid 18451:tid 18451] [client 45.130.81.89:54243] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.thewhitedfamily.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.thewhitedfamily.com"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "ae4A7ESzvFXbJtzxyx7RrwAAAEk"]
show less
Brute-Force
Bad Web Bot
Web App Attack