๐บ๐ธ
TPI-Abuse
2026-06-30 15:06:52
(1 day ago)
(mod_security) mod_security (id:240000) triggered by 45.132.224.130 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240000) triggered by 45.132.224.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 11:06:47.560951 2026] [security2:error] [pid 31151:tid 31151] [client 45.132.224.130:53191] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||relayer.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "relayer.net"] [uri "/images/stories/themes.php"] [unique_id "akPbh_vc6GK8gdb2eiLOqwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-30 03:52:19
(1 day ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 45.132.224.130 (AU/Australia/-): 1 in ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 45.132.224.130 (AU/Australia/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ง๐ช
cmbplf
2026-06-28 12:35:09
(3 days ago)
181 requests with url.path *config.php
Brute-Force
Bad Web Bot
๐ณ๐ฑ
Site.eu
2026-06-28 04:54:13
(3 days ago)
Excessive multi-domain requests
Brute-Force
๐ฉ๐ช
ghostwarriors
2026-06-27 23:50:16
(3 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 23:45:51
(3 days ago)
(mod_security) mod_security (id:240000) triggered by 45.132.224.130 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240000) triggered by 45.132.224.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 19:45:43.989071 2026] [security2:error] [pid 4193:tid 4193] [client 45.132.224.130:25519] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||bennefeld.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "bennefeld.net"] [uri "/images/stories/themes.php"] [unique_id "akBgp_oSkYw8Be4kDUXJOwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
sefinek.net
2026-06-26 01:47:33
(5 days ago)
Triggered Cloudflare WAF (firewallCustom) from AU.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoi ...
show more
Triggered Cloudflare WAF (firewallCustom) from AU.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoint: /wp-json/ | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
dynamix
2026-06-26 00:13:04
(5 days ago)
Multiple WAF Violations
Web App Attack
๐ฉ๐ช
london2038.com
2026-06-25 23:03:46
(5 days ago)
Probing for exploits
45.132.224.130 - - [26/Jun/2026:01:03:42 +0200] "GET /wp-includes/blocks/commen ...
show more
Probing for exploits
45.132.224.130 - - [26/Jun/2026:01:03:42 +0200] "GET /wp-includes/blocks/comments-pagination-numbers/ HTTP/1.1" 301 169 "-" "Go-http-client/1.1"
45.132.224.130 - - [26/Jun/2026:01:03:43 +0200] "GET /wp-includes/block-bindings/ HTTP/1.1" 301 169 "-" "Go-http-client/1.1"
show less
Hacking
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-25 21:48:57
(6 days ago)
Excessive multi-domain requests
Brute-Force
๐ง๐ช
Saec
2026-06-25 20:15:03
(6 days ago)
Jarvis auto-ban: CF top attacker on saec.me (63 hits, AU)
Port Scan
Web App Attack
๐ฌ๐ท
setupgr
2026-06-25 06:22:42
(6 days ago)
(mod_security) mod_security (id:900001) triggered by 45.132.224.130 (AU/Australia/Queensland/Brisban ...
show more
(mod_security) mod_security (id:900001) triggered by 45.132.224.130 (AU/Australia/Queensland/Brisbane/-/[AS137409 GSLNETWORKS-AS-AP GSL Networks Pty LTD]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 25 09:22:39.498774 2026] [security2:error] [pid 357906:tid 358049] [client 45.132.224.130:41103] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: ftiaxtomonosou.gr"] [severity "CRITICAL"] [tag "security"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-admin/user/wp-login.php"] [unique_id "ajzJLzo1r-5gKidmz9JwRwAAAMw"]
show less
Port Scan
๐ซ๐ท
masterguru
2026-06-25 00:44:09
(6 days ago)
Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-197)
Hacking
๐ซ๐ท
dynamix
2026-06-24 18:05:53
(1 week ago)
Multiple WAF Violations
Web App Attack
๐ซ๐ท
Octopuce
2026-06-24 17:00:25
(1 week ago)
Aggressive web search of vulnerable pages: /wp-includes/Text/Diff/Engine/template-singl-portfolio.ph ...
show more
Aggressive web search of vulnerable pages: /wp-includes/Text/Diff/Engine/template-singl-portfolio.php /5PJcpMFsD8B.php /wp-includes/Requests/in ...
show less
Web App Attack