π©πͺ
iNetWorker
2026-07-15 07:44:27
(12 hours ago)
trolling for resource vulnerabilities
Web App Attack
πΊπΈ
cwytech
2026-07-15 03:52:58
(16 hours ago)
Fleet-wide ban from the Ghostfleet π». Triggered by scenario: cwy/wordpress-geofence-sus.
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-07-14 22:35:27
(21 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
π¬π·
setupgr
2026-07-14 09:43:07
(1 day ago)
(wplogin_block) Blocked WP-Login Access Attempt 45.3.55.221 (DE/Germany/State of Berlin/Berlin/-/[AS ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 45.3.55.221 (DE/Germany/State of Berlin/Berlin/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 45.3.55.221 - - [14/Jul/2026:12:42:18 +0300] "POST /wp-login.php HTTP/1.1" 503 7449 "https://villa-izabela.com/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0"
show less
Port Scan
π©πͺ
big-cloud.nl
2026-07-13 16:35:37
(2 days ago)
Try to access /xmlrpc.php
Web App Attack
π©πͺ
FeG Deutschland
2026-07-13 14:34:56
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
πΊπΈ
lostswordfish.com
2026-07-11 06:30:06
(4 days ago)
Wordfence waf block on tranquilfrogs
Web App Attack
π«π·
tecnicorioja
2026-07-09 22:01:30
(5 days ago)
wp-login attack [09/Jul/2026:04:32:39
Brute-Force
Web App Attack
π¦πΊ
RedBear IT
2026-03-26 10:00:37
(3 months ago)
"DDoS against public endpoint"
DDoS Attack
π©πͺ
Packets-Decreaser.NET
2025-12-29 14:01:25
(6 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
π§πͺ
madeit
2025-11-27 12:17:57
(7 months ago)
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-25 04:41:58
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.55.221 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.55.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:41:51.754509 2025] [security2:error] [pid 24001:tid 24001] [client 45.3.55.221:59575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.4115thewestford.com"] [uri "/.svn/wc.db"] [unique_id "aSUzj9_RlqjBRHKBh9XvgQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-25 04:25:39
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.55.221 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.55.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:25:34.759163 2025] [security2:error] [pid 12705:tid 12705] [client 45.3.55.221:59195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.gangnagel.com"] [uri "/.env"] [unique_id "aSUvvmyVPZCgjdPGuUx-4AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-25 03:56:44
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 45.3.55.221 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210730) triggered by 45.3.55.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:56:37.701864 2025] [security2:error] [pid 11046:tid 11046] [client 45.3.55.221:12703] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.brbcar.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.brbcar.com"] [uri "/.svn/wc.db"] [unique_id "aSUo9aEtrYhP3dWiTPAHPAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-24 23:59:20
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.55.221 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.55.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 18:59:14.457049 2025] [security2:error] [pid 31598:tid 31598] [client 45.3.55.221:33711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jacobunderwoodmusic.bluegrassexpressband.com"] [uri "/.git/HEAD"] [unique_id "aSTxUjmPl25OgwKbYjGRwQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack