๐บ๐ธ
TPI-Abuse
2026-06-30 09:27:47
(1 day ago)
(mod_security) mod_security (id:240000) triggered by 45.132.224.135 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240000) triggered by 45.132.224.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 05:27:44.394433 2026] [security2:error] [pid 9321:tid 9321] [client 45.132.224.135:60745] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||billymitchell.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "billymitchell.com"] [uri "/images/stories/themes.php"] [unique_id "akOMEFJzLInSQNiD5yAM8QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
sefinek.net
2026-06-29 20:14:34
(2 days ago)
Honeypot hit: Unauthorized traffic (68 bytes of payload); 57638 [4] TCP
Reported by: https://github. ...
show more
Honeypot hit: Unauthorized traffic (68 bytes of payload); 57638 [4] TCP
Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB
show less
Port Scan
๐ณ๐ฑ
Site.eu
2026-06-29 11:24:55
(2 days ago)
Excessive multi-domain requests
Brute-Force
Anonymous
2026-06-28 23:12:07
(3 days ago)
Banned by Fail2Ban on server
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 03:25:28
(4 days ago)
(mod_security) mod_security (id:240000) triggered by 45.132.224.135 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240000) triggered by 45.132.224.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 23:25:20.860101 2026] [security2:error] [pid 7772:tid 7772] [client 45.132.224.135:45997] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||naked60yearoldgaymen.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "naked60yearoldgaymen.com"] [uri "/images/stories/themes.php"] [unique_id "akCUIDh4cO1Xa0inMmevTQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-28 02:17:01
(4 days ago)
Excessive multi-domain requests
Brute-Force
๐ฉ๐ช
ghostwarriors
2026-06-27 23:50:29
(4 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Octopuce
2026-06-26 23:19:29
(5 days ago)
Aggressive web search of vulnerable pages: /wp-content/themes/Divi/404.php /wp-content/plugins/Secur ...
show more
Aggressive web search of vulnerable pages: /wp-content/themes/Divi/404.php /wp-content/plugins/SecurityFin/SecurityFin.php /wp-includes/core.ph ...
show less
Web App Attack
๐ซ๐ท
dynamix
2026-06-26 00:14:37
(6 days ago)
Multiple WAF Violations
Web App Attack
๐ฉ๐ช
london2038.com
2026-06-25 22:57:15
(6 days ago)
Probing for exploits
45.132.224.135 - - [26/Jun/2026:00:57:06 +0200] "GET /wp-includes/css/ HTTP/1.1 ...
show more
Probing for exploits
45.132.224.135 - - [26/Jun/2026:00:57:06 +0200] "GET /wp-includes/css/ HTTP/1.1" 301 169 "-" "Go-http-client/1.1"
45.132.224.135 - - [26/Jun/2026:00:57:11 +0200] "GET /wp-admin/js/widgets/ HTTP/1.1" 301 169 "-" "Go-http-client/1.1"
show less
Hacking
Web App Attack
Anonymous
2026-06-25 15:05:26
(6 days ago)
[da.kdns.gr] httpd-suspicious-path: sites=madesign.gr; logs=/var/log/httpd/domains/madesign.gr.log; ...
show more
[da.kdns.gr] httpd-suspicious-path: sites=madesign.gr; logs=/var/log/httpd/domains/madesign.gr.log; samples=/wp-content/plugins/config.php | /wp-content/languages/plugins/config.php | /wp-content/plugins/wp-duplicate-page/config.php
show less
Hacking
Web App Attack
๐ฌ๐ง
consul.to
2026-06-25 08:22:16
(6 days ago)
Web attack/malicious scanning detected
Web App Attack
๐ฌ๐ท
setupgr
2026-06-25 06:22:42
(6 days ago)
(mod_security) mod_security (id:1000001) triggered by 45.132.224.135 (AU/Australia/Queensland/Brisba ...
show more
(mod_security) mod_security (id:1000001) triggered by 45.132.224.135 (AU/Australia/Queensland/Brisbane/-/[AS137409 GSLNETWORKS-AS-AP GSL Networks Pty LTD]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Thu Jun 25 09:22:37.748642 2026] [security2:error] [pid 357906:tid 358045] [client 45.132.224.135:20805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/about.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /wp-includes/rest-api/about.php"] [severity "CRITICAL"] [tag "security"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-includes/rest-api/about.php"] [unique_id "ajzJLTo1r-5gKidmz9JwRAAAAMg"]
show less
Port Scan
๐ฌ๐ง
consul.to
2026-06-24 05:39:23
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
๐ฒ๐พ
Rizzy
2026-06-12 09:31:09
(2 weeks ago)
Multiple WAF Violations
Brute-Force
Web App Attack