๐ซ๐ท
Sklurk
2026-07-07 17:25:19
(22 hours ago)
Web App Attack
Web App Attack
๐ซ๐ท
pm33
2026-06-21 22:25:52
(2 weeks ago)
Wordpress login attempts
Brute-Force
๐ฌ๐ง
poundawebsiteltd
2026-06-20 20:14:47
(2 weeks ago)
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 45.3.38.237 - - [20/Jun/2026:21:14:41 +0100] POS ...
show more
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 45.3.38.237 - - [20/Jun/2026:21:14:41 +0100] POST /wp-login.php HTTP/1.1 200 6088 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
show less
Web App Attack
๐ซ๐ท
Sklurk
2026-06-20 02:43:49
(2 weeks ago)
Web App Attack
Web App Attack
๐ฒ๐น
Malta
2026-06-19 11:15:32
(2 weeks ago)
45.3.38.237 - - [19/Jun/2026:13:15:32 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu ...
show more
45.3.38.237 - - [19/Jun/2026:13:15:32 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐บ๐ธ
lostswordfish.com
2026-06-19 07:10:05
(2 weeks ago)
Wordfence waf block on jestrellafoundation
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-15 22:13:43
(3 weeks ago)
(y4) Failed scan -byebye- from 45.3.38.237 (US/United States/-): (CF_ENABLE)
Hacking
๐ฆ๐บ
RedBear IT
2026-03-26 10:00:37
(3 months ago)
"DDoS against public endpoint"
DDoS Attack
๐ง๐ช
voormedia
2026-03-05 16:08:56
(4 months ago)
Accessed trap at '/.git/HEAD'
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-05 08:13:10
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.38.237 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.38.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:13:06.856594 2026] [security2:error] [pid 5953:tid 6042] [client 45.3.38.237:12583] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/f2/4e45efecac59e6b278a92e08cd33ccf802f7ce"] [unique_id "aak7Eu9_LUubsM0EwzyOFwAAAdI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mind5t0rm
2026-01-24 09:41:17
(5 months ago)
(XMLRPC) WP XMLPRC Attack 45.3.38.237 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direc ...
show more
(XMLRPC) WP XMLPRC Attack 45.3.38.237 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 45.3.38.237 - - [24/Jan/2026:16:41:11 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "curl/8.6.0"
45.3.38.237 - - [24/Jan/2026:16:41:12 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "curl/8.6.0"
45.3.38.237 - - [24/Jan/2026:16:41:13 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "curl/8.6.0"
show less
Port Scan
Anonymous
2025-12-06 17:49:07
(7 months ago)
botnet
DDoS Attack
๐ฑ๐ป
garmtech.com
2025-11-24 09:48:20
(7 months ago)
Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 07:21:54
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.38.237 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.38.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:21:49.617175 2025] [security2:error] [pid 12776:tid 12776] [client 45.3.38.237:31727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arthuregau.com"] [uri "/.git/HEAD"] [unique_id "aSQHjf5wRGN_QL_Qcxl_PAAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 04:59:43
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.38.237 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.38.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:59:22.749926 2025] [security2:error] [pid 3422:tid 3422] [client 45.3.38.237:18599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.deanfountain.com"] [uri "/.svn/wc.db"] [unique_id "aSPmKsaRQYAGrzT1riOPbwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack