๐ฎ๐น
CoreTech srl
2026-07-15 23:58:59
(10 hours ago)
cloudlinux2 fail2ban: 2026-07-16 01:53:50,310 fail2ban.filter [1812]: INFO [plesk-wordpre ...
show more
cloudlinux2 fail2ban: 2026-07-16 01:53:50,310 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 49.232.189.33 - 2026-07-16 01:53:49cloudlinux2 fail2ban: 2026-07-16 01:54:31,320 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 216.24.210.153 - 2026-07-16 01:54:30cloudlinux2 fail2ban: 2026-07-16 01:54:35,816 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 216.24.210.153 - 2026-07-16 01:54:35cloudlinux2 fail2ban: 2026-07-16 01:54:41,107 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 45.131.194.16 - 2026-07-16 01:54:39cloudlinux2 fail2ban: 2026-07-16 01:54:41,303 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 45.131.194.11 - 2026-07-16 01:54:39cloudlinux2 fail2ban: 2026-07-16 01:55:12,678 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 173.239.214.231 - 2026-07-16 01:55:11cloudlinux2 fail2ban: 2026-07-16 01:55:14,010 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 173.239.214.204 - 2026-07-16 01:55:11clo
show less
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-15 23:26:41
(11 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-06-14 06:51:59
(1 month ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐ซ๐ท
tecnicorioja
2026-06-08 22:01:01
(1 month ago)
wp-login attack [08/Jun/2026:10:37:22
Brute-Force
Web App Attack
๐ฌ๐ง
consul.to
2026-06-07 08:06:40
(1 month ago)
Web attack/malicious scanning detected
Web App Attack
๐ซ๐ท
Octopuce
2026-06-05 19:42:29
(1 month ago)
Aggressive web search of vulnerable pages: /wp-login.php /wp-content/languages/ /wp-content/themes/ ...
show more
Aggressive web search of vulnerable pages: /wp-login.php /wp-content/languages/ /wp-content/themes/ /wp-content/plugins/elementor/ /wp-includes ...
show less
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-06-04 07:53:11
(1 month ago)
levellapromotions.co.nz:443 45.131.194.11 - - [04/Jun/2026:17:53:08 +1000] "GET /?author=1 HTTP/1.1" ...
show more
levellapromotions.co.nz:443 45.131.194.11 - - [04/Jun/2026:17:53:08 +1000] "GET /?author=1 HTTP/1.1" 404 339610 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.0 Safari/605.1.15"
...
show less
Web App Attack
๐จ๐ญ
4server
2026-05-24 03:52:05
(1 month ago)
[SunMay2405:51:59.7827582026][security2:error][pid1545720:tid1545955][client45.131.194.11:0]ModSecur ...
show more
[SunMay2405:51:59.7827582026][security2:error][pid1545720:tid1545955][client45.131.194.11:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"inserzioniticino.ch\"][uri\"/xmlrpc.php\"][unique_id\"ahJ13wPbioY_wNUw8JviCgAAAIo\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-11 09:06:10
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 45.131.194.11 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.131.194.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 05:06:06.962238 2026] [security2:error] [pid 381:tid 381] [client 45.131.194.11:58993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demberdatabase.com"] [uri "/wp-config.php"] [unique_id "agGb_jM4QzOPykgAdAjCHwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-11 02:49:28
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 45.131.194.11 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.131.194.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 22:49:24.386530 2026] [security2:error] [pid 3868:tid 3868] [client 45.131.194.11:53311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deltasouls.com"] [uri "/wp-content/wp-config.php"] [unique_id "agFDtHX_dXcxWj4XdQbWDgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-05-11 02:32:51
(2 months ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-197)
show less
Bad Web Bot
๐ฌ๐ง
consul.to
2026-05-11 02:22:52
(2 months ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
jsjdmediallc
2026-05-06 12:14:12
(2 months ago)
Auto-blocked: score 14 (threshold 10). Hits: 7. Flags: xmlrpc. Paths: /xmlrpc.php, /xmlrpc.php, /xml ...
show more
Auto-blocked: score 14 (threshold 10). Hits: 7. Flags: xmlrpc. Paths: /xmlrpc.php, /xmlrpc.php, /xmlrpc.php, /xmlrpc.php, /xmlrpc.php
show less
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-04-07 21:20:05
(3 months ago)
Multiple WAF Violations
Web App Attack
๐ซ๐ฎ
Shaik Sai Meera
2026-04-07 08:25:18
(3 months ago)
IM360 WAF: Infectors: Suspicious access attempt (webshell)
Brute-Force
FTP Brute-Force
Open Proxy