๐ซ๐ท
SpaceHost-Server
2026-07-15 22:30:05
(1 day ago)
Brute-Force
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-14 22:29:44
(2 days ago)
Brute-Force
Web App Attack
Anonymous
2026-07-14 04:12:09
(2 days ago)
Fail2Ban: WordPress brute-force attack detected.
Bad Web Bot
Web App Attack
๐ต๐ฑ
sefinek.net
2026-07-13 21:32:56
(3 days ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: /wp-login.php | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ณ๐ฑ
Site.eu
2026-07-13 12:31:12
(3 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
FeG Deutschland
2026-07-11 10:58:04
(5 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
๐ท๐บ
Deynekin.com
2026-07-08 18:48:54
(1 week ago)
This IP address has been identified as part of a botnet infrastructure used by threat actors, indica ...
show more
This IP address has been identified as part of a botnet infrastructure used by threat actors, indicating automated and malicious activity.
show less
Fraud Orders
Web App Attack
SSH
Web Spam
FTP Brute-Force
Phishing
Email Spam
Port Scan
Brute-Force
Exploited Host
Hacking
SQL Injection
๐ซ๐ท
masterguru
2026-07-08 00:06:53
(1 week ago)
Host header is a numeric IP address. Pattern match "(?:^( (920350-195)
Hacking
Bad Web Bot
๐บ๐ธ
Matthew Ping
2026-07-07 13:45:02
(1 week ago)
ModSecurity rule 949110 triggered on banks. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐บ๐ธ
zwebvigil
2026-07-07 12:15:12
(1 week ago)
45.132.115.130 [07/Jul/2026:05:15:08 -0700] "GET /web/config.js HTTP/1.1" 404 2691 "-" port=27919 " ...
show more
45.132.115.130 [07/Jul/2026:05:15:08 -0700] "GET /web/config.js HTTP/1.1" 404 2691 "-" port=27919 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" "-" "-" "<ipaddr>" 854
45.132.115.130 [07/Jul/2026:05:15:09 -0700] "GET /src/config.js HTTP/1.1" 404 2691 "-" port=27919 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" "-" "-" "<ipaddr>" 535
45.132.115.130 [07/Jul/2026:05:15:09 -0700] "GET /src/api/config.js HTTP/1.1" 404 2699 "-" port=27919 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" "-" "-" "<ipaddr>" 803
45.132.115.130 [07/Jul/2026:05:15:10 -0700] "GET /web/api/config.js HTTP/1.1" 404 2699 "-" port=27919 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" "-" "-" "<ipaddr>" 766
45.132.1
show less
Web App Attack
๐ณ๐ต
Nanak011
2026-07-07 10:01:52
(1 week ago)
Path Traversal / Information Disclosure Attempt: A path traversal attempt was made to access a devel ...
show more
Path Traversal / Information Disclosure Attempt: A path traversal attempt was made to access a development environment configuration file, indicating sensitive information disclosure.
show less
Web App Attack
Hacking
๐ณ๐ฑ
bazter.pro
2026-07-07 09:53:28
(1 week ago)
45.132.115.130 - - [07/Jul/2026:09:53:27 +0000] "GET /__tests__/test-become/.env HTTP/1.1" 404 436 " ...
show more
45.132.115.130 - - [07/Jul/2026:09:53:27 +0000] "GET /__tests__/test-become/.env HTTP/1.1" 404 436 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"
...
show less
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
SSH
๐ซ๐ฎ
oh.mg
2026-07-06 15:46:20
(1 week ago)
[Mon Jul 06 17:46:19.903884 2026] [security2:error] [pid 2906202:tid 2906224] [client 45.132.115.130 ...
show more
[Mon Jul 06 17:46:19.903884 2026] [security2:error] [pid 2906202:tid 2906224] [client 45.132.115.130:24747] [client 45.132.115.130] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "95.216.72.247"] [uri "/.env"] [unique_id "akvNy4eXN3OExJ2esNb7rwAAABM"]
[Mon Jul 06 17:46:20.216173 2026] [security2:error] [pid 2906202:tid 2906225] [client 45.132.115.130:24747] [client 45.132.115.130] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [ver "OWASP_CRS/4.10.0-dev"] [t
...
show less
Web App Attack
Bad Web Bot
๐บ๐ธ
Starburst SysOp Team
2026-07-06 01:09:32
(1 week ago)
Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-13)
Hacking
Bad Web Bot
๐ฉ๐ช
iNetWorker
2026-07-05 18:11:42
(1 week ago)
trolling for resource vulnerabilities
Web App Attack