๐ง๐ช
taivas.nl
2026-07-17 04:32:26
(4 hours ago)
Many_bad_calls
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 03:29:49
(5 hours ago)
(mod_security) mod_security (id:210831) triggered by 45.66.35.46 (ams26.torexit.nl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 45.66.35.46 (ams26.torexit.nl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:29:41.102808 2026] [security2:error] [pid 5002:tid 5002] [client 45.66.35.46:45162] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.aacoustics.com|F|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.aacoustics.com"] [uri "/robots.txt"] [unique_id "almhpWEmbwX8i8z4fBgc0QAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
taivas.nl
2026-07-17 00:02:16
(8 hours ago)
Bad_requests
Bad Web Bot
๐ซ๐ท
solution.it
2026-07-16 23:05:45
(9 hours ago)
[Fri Jul 17 01:05:44.940909 2026] [php7:error] [pid 350454:tid 350454] [client 45.66.35.46:55782] sc ...
show more
[Fri Jul 17 01:05:44.940909 2026] [php7:error] [pid 350454:tid 350454] [client 45.66.35.46:55782] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat
show less
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-16 22:30:33
(10 hours ago)
Brute-Force
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-16 19:48:56
(12 hours ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
NL/Netherlands/ams26.torexit.nl
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-16 19:37:16
(13 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 27
Exploited Host
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-16 19:33:19
(13 hours ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฎ๐ฉ
securejdprop
2026-07-16 14:57:56
(17 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET TOR Known Tor E ...
show more
This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET TOR Known Tor Exit Node Traffic group 116).
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 12:05:23
(20 hours ago)
(mod_security) mod_security (id:210831) triggered by 45.66.35.46 (ams26.torexit.nl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210831) triggered by 45.66.35.46 (ams26.torexit.nl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 08:05:19.586705 2026] [security2:error] [pid 24732:tid 24732] [client 45.66.35.46:45100] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.kelticdreamsranch.com|F|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.kelticdreamsranch.com"] [uri "/"] [unique_id "aljI_1hIoybTLdNPY1HcFwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-16 08:46:53
(23 hours ago)
Web attack/malicious scanning detected
Web App Attack
Anonymous
2026-07-16 03:02:03
(1 day ago)
Bot / scanning and/or hacking attempts: POST /wp-login.php HTTP/1.1, GET /wp-login.php HTTP/1.1
Hacking
Web App Attack
๐ฎ๐ฉ
zam
2026-07-16 00:37:07
(1 day ago)
45.66.35.46 - - [16/Jul/2026:00:36:39 +0000] "GET /wp-login.php HTTP/1.1" 404 81186
45.66.35.46 - - ...
show more
45.66.35.46 - - [16/Jul/2026:00:36:39 +0000] "GET /wp-login.php HTTP/1.1" 404 81186
45.66.35.46 - - [16/Jul/2026:00:36:42 +0000] "GET /wp-login.php HTTP/1.1" 404 81186
45.66.35.46 - - [16/Jul/2026:00:36:44 +0000] "GET /wp-login.php HTTP/1.1" 404 81186
45.66.35.46 - - [16/Jul/2026:00:36:47 +0000] "GET /wp-login.php HTTP/1.1" 404 81186
45.66.35.46 - - [16/Jul/2026:00:36:49 +0000] "GET /wp-login.php HTTP/1.1" 404 81186
45.66.35.46 - - [16/Jul/2026:00:36:51 +0000] "GET /wp-login.php HTTP/1.1" 404 81186
show less
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-15 22:00:18
(1 day ago)
Auto-ban: >3000 req/min op 2026-07-15
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-15 18:42:00
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 45.66.35.46 (ams26.torexit.nl): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 45.66.35.46 (ams26.torexit.nl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 14:41:54.937278 2026] [security2:error] [pid 9853:tid 9853] [client 45.66.35.46:36212] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.beckerbrokerage.net"] [uri "/.git/config"] [unique_id "alfUcuF4tpV8G9KL6xZfAwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack