π«π·
Tilellit.PRO
2026-07-02 04:17:36
(2 weeks ago)
tilellit/wp-armour-ban
Hacking
π«π·
Tilellit.PRO
2026-06-29 14:03:31
(2 weeks ago)
Fail2Ban banned 45.148.235.240 for security violations in jail wp-armour. Log: 2026/06/29 14:03:30 [ ...
show more
Fail2Ban banned 45.148.235.240 for security violations in jail wp-armour. Log: 2026/06/29 14:03:30 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 45.148.235.240 | Target: wplogin" , client: 45.148.235.240, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
π«π·
Tilellit.PRO
2026-06-27 11:07:02
(2 weeks ago)
Fail2Ban banned 45.148.235.240 for security violations in jail wp-armour. Log: 2026/06/27 11:07:01 [ ...
show more
Fail2Ban banned 45.148.235.240 for security violations in jail wp-armour. Log: 2026/06/27 11:07:01 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 45.148.235.240 | Target: wplogin" , client: 45.148.235.240, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
π¦πΊ
paulshipley.com.au
2026-06-26 00:16:02
(3 weeks ago)
[Fri Jun 26 10:16:02.112815 2026] [security2:error] [pid 594437] [client 45.148.235.240:65487] [clie ...
show more
[Fri Jun 26 10:16:02.112815 2026] [security2:error] [pid 594437] [client 45.148.235.240:65487] [client 45.148.235.240] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/xmlrpc.php"] [unique_id "aj3EwgpEcry40Ehc2PNlBgAAAAI"]
...
show less
Web App Attack
π¬π§
Steve
2026-04-04 15:52:46
(3 months ago)
Attempts against non-existent wordpress site
Brute-Force
Web App Attack
π¨πΏ
lp
2025-10-27 20:50:43
(8 months ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 45.148.235.240
2025-10-27T20:45:51+01 ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 45.148.235.240
2025-10-27T20:45:51+01:00 vpn Access-Reject 'diesel' station: 45.148.235.240 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
Anonymous
2025-10-26 01:52:39
(8 months ago)
wordpress-trap
Web App Attack
πΊπΈ
TPI-Abuse
2025-10-25 14:21:32
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 45.148.235.240 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 45.148.235.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 25 10:21:27.660143 2025] [security2:error] [pid 22360:tid 22360] [client 45.148.235.240:41581] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||fuentevictoria.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fuentevictoria.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPzc54GXOMj0JtQs56RO_AAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
octageeks.com
2025-10-25 04:06:44
(8 months ago)
Wordpress malicious attack:[octawp]
Web App Attack
Anonymous
2025-10-24 14:14:03
(8 months ago)
Attempted WordPress login:
45.148.235.240 - - [24/Oct/2025:15:14:03 +0100] "GET /wp-login.php HTTP/ ...
show more
Attempted WordPress login:
45.148.235.240 - - [24/Oct/2025:15:14:03 +0100] "GET /wp-login.php HTTP/1.1" 200 234 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.2"
show less
Hacking
Web App Attack
πΊπΈ
ne1for23
2025-10-23 21:09:59
(8 months ago)
45.148.235.240 - - [23/Oct/2025:21:09:59 +0000] "GET /wp-login.php HTTP/1.1" 403 555 "-" "Mozilla/5. ...
show more
45.148.235.240 - - [23/Oct/2025:21:09:59 +0000] "GET /wp-login.php HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203"
show less
Web App Attack
Anonymous
2025-10-23 14:17:49
(8 months ago)
wordpress-trap
Web App Attack
πΊπΈ
TPI-Abuse
2025-10-23 10:08:19
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 45.148.235.240 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 45.148.235.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 23 06:08:11.574749 2025] [security2:error] [pid 6779:tid 6779] [client 45.148.235.240:55481] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||staben.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "staben.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPn-i0xmvXAQ33g7HHI64gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-10-20 19:23:05
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 45.148.235.240 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 45.148.235.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 20 15:22:59.438416 2025] [security2:error] [pid 7702:tid 7702] [client 45.148.235.240:33231] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||calogerolawfirm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "calogerolawfirm.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPaME_QyM3qgNIl7BePLHQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨πΏ
lp
2025-10-19 19:50:59
(8 months ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 45.148.235.240
2025-10-19T20:42:49+02 ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 45.148.235.240
2025-10-19T20:42:49+02:00 vpn Access-Reject 'cisco' station: 45.148.235.240 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack