π©πͺ
neckaralb-admin.de
2026-07-10 02:57:15
(13 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
π©πͺ
london2038.com
2026-07-09 20:18:23
(20 hours ago)
Probing for exploits
46.224.130.72 - - [09/Jul/2026:22:18:19 +0200] "GET /wp-login.php HTTP/2.0" 301 ...
show more
Probing for exploits
46.224.130.72 - - [09/Jul/2026:22:18:19 +0200] "GET /wp-login.php HTTP/2.0" 301 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36"
46.224.130.72 - - [09/Jul/2026:22:18:22 +0200] "POST /wp-login.php HTTP/2.0" 301 0 "https://v97746.<REDACTED>/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36"
show less
Hacking
Web App Attack
π©πͺ
FeG Deutschland
2026-07-09 18:03:45
(22 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 15:25:51
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.you ...
show more
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:25:47.223446 2026] [security2:error] [pid 30417:tid 30417] [client 46.224.130.72:37912] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||shhcenter.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "shhcenter.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ak-9e_xOSE-oLE4w6CbqUAAAAAw"], referer: https://shhcenter.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 15:09:04
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.you ...
show more
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:08:59.764077 2026] [security2:error] [pid 25689:tid 25689] [client 46.224.130.72:59458] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||bbproductionsonline.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bbproductionsonline.com"] [uri "/wp-json/rankmath/v1/getHead"] [unique_id "ak-5i2U2U_senH1yOVJq_QAAAAo"], referer: https://bbproductionsonline.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 14:06:53
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.you ...
show more
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 10:06:49.695325 2026] [security2:error] [pid 14556:tid 14556] [client 46.224.130.72:36972] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||greenlight.us|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "greenlight.us"] [uri "/author-sitemap.xml"] [unique_id "ak-q-ZoLPGc1_IJGXr-8tgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 13:48:23
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.you ...
show more
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 09:48:16.651901 2026] [security2:error] [pid 7253:tid 7253] [client 46.224.130.72:33610] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.investorsfundingusa.internetnameregistration.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.investorsfundingusa.internetnameregistration.com"] [uri "/"] [unique_id "ak-moP5MW2wUf5uPzic2cgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 13:14:13
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.you ...
show more
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 09:14:06.504267 2026] [security2:error] [pid 29396:tid 29396] [client 46.224.130.72:56598] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||bonegym.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bonegym.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ak-enllYUGr__vpTw4VF8gAAAAY"], referer: https://bonegym.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 12:51:17
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.you ...
show more
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 08:51:11.989095 2026] [security2:error] [pid 1741:tid 1741] [client 46.224.130.72:41292] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||arogun.org|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "arogun.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ak-ZP1YvTTY9aq4CBobOJgAAAAc"], referer: https://arogun.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 12:26:43
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.you ...
show more
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 08:26:36.112167 2026] [security2:error] [pid 6154:tid 6154] [client 46.224.130.72:49096] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||ralphharris.org|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "ralphharris.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ak-TfJsVX6sMxqMr6WOT0QAAAAQ"], referer: https://ralphharris.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 12:10:58
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.you ...
show more
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 08:10:52.877520 2026] [security2:error] [pid 9760:tid 9760] [client 46.224.130.72:52650] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||solventtrapco.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "solventtrapco.com"] [uri "/wp-json/wp/v2/users/3"] [unique_id "ak-PzLkQzdJjV1Ke9sDZyAAAAAQ"], referer: https://solventtrapco.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 11:31:55
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.you ...
show more
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 07:31:49.796979 2026] [security2:error] [pid 1306533:tid 1306533] [client 46.224.130.72:42992] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||drbolen.derekvantreese.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "drbolen.derekvantreese.com"] [uri "/wp-json/wp/v2/users/10"] [unique_id "ak-GpTTBTjEAeFipCOnW4AAAACE"], referer: https://drbolen.derekvantreese.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 11:06:46
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.you ...
show more
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 07:06:40.059573 2026] [security2:error] [pid 15786:tid 15786] [client 46.224.130.72:41520] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||capriexpress.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "capriexpress.com"] [uri "/"] [unique_id "ak-AwO3oCFm1bf_66F30BAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 10:46:00
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.you ...
show more
(mod_security) mod_security (id:210350) triggered by 46.224.130.72 (static.72.130.224.46.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 06:45:55.869423 2026] [security2:error] [pid 29359:tid 29359] [client 46.224.130.72:35520] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||starsmogsandiego.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "starsmogsandiego.com"] [uri "/wp-sitemap-users-1.xml"] [unique_id "ak9745vQoM2k0uWhM16y8AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
integrantservices.com
2026-07-09 10:16:27
(1 day ago)
(wordpress) Failed wordpress login from 46.224.130.72 (DE/Germany/static.72.130.224.46.clients.your- ...
show more
(wordpress) Failed wordpress login from 46.224.130.72 (DE/Germany/static.72.130.224.46.clients.your-server.de)
show less
Brute-Force