๐ฉ๐ช
LRob
2026-06-25 00:30:09
(1 week ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 00:25:36
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 65.109.29.104 (static.104.29.109.65.clients.you ...
show more
(mod_security) mod_security (id:225170) triggered by 65.109.29.104 (static.104.29.109.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 20:25:31.430829 2026] [security2:error] [pid 15440:tid 15440] [client 65.109.29.104:24086] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lapapevip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lapapevip.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajx1e5L2GoCbjO8f2qQOCAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 00:02:24
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 65.109.29.104 (static.104.29.109.65.clients.you ...
show more
(mod_security) mod_security (id:225170) triggered by 65.109.29.104 (static.104.29.109.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 20:02:18.076085 2026] [security2:error] [pid 32616:tid 32616] [client 65.109.29.104:25585] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||patandmat.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "patandmat.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajxwClUewnY7afmCDNV85AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
stinpriza
2026-06-24 22:48:06
(1 week ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 22:39:31
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 65.109.29.104 (static.104.29.109.65.clients.you ...
show more
(mod_security) mod_security (id:225170) triggered by 65.109.29.104 (static.104.29.109.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:39:25.355134 2026] [security2:error] [pid 5095:tid 5095] [client 65.109.29.104:39713] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||poulsoncustomhomes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "poulsoncustomhomes.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajxcnUK51SrNiOtPOPPnAQAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
KIDOS
2026-06-24 18:42:06
(1 week ago)
malicious activity
Web App Attack
๐บ๐ธ
ph
2026-06-24 14:08:25
(1 week ago)
Bad web bot attempting to run wp-json on non-WP site
Hacking
Bad Web Bot
Web App Attack
๐ญ๐บ
Lacika555
2026-06-24 01:55:35
(2 weeks ago)
RdpGuard detected brute-force attempt on SMTP
Brute-Force
๐ซ๐ท
masterguru
2026-06-23 17:46:16
(2 weeks ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.109.29.104 (FI/Finland/static.104.29.109.65 ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.109.29.104 (FI/Finland/static.104.29.109.65.clients.your-server.de): 1 in the last 3600 secs (0-195)
show less
Hacking
๐บ๐ธ
jkhorvath.com
2026-06-23 14:17:21
(2 weeks ago)
Request for URL http:/proxyjudge.us/
Phishing
Brute-Force
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-22 22:02:15
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-21.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-21 21:06:19
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 65.109.29.104 (static.104.29.109.65.clients.you ...
show more
(mod_security) mod_security (id:210492) triggered by 65.109.29.104 (static.104.29.109.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 17:06:16.292618 2026] [security2:error] [pid 5539:tid 5539] [client 65.109.29.104:58787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.smarttokenchain.robtown.com"] [uri "/wp-config.php.bak"] [unique_id "ajhSSMOo3pX5o7FKfUxkygAAAAI"], referer: https://www.google.com/search?q=www.smarttokenchain.robtown.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 15:20:38
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 65.109.29.104 (static.104.29.109.65.clients.you ...
show more
(mod_security) mod_security (id:210492) triggered by 65.109.29.104 (static.104.29.109.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 11:20:31.018208 2026] [security2:error] [pid 24398:tid 24398] [client 65.109.29.104:50944] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.page-wide.computersraleigh.com"] [uri "/.env.backup"] [unique_id "ajgBPy2XCwkruzug4eQj0gAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐ธ
Smel
2026-06-21 11:49:16
(2 weeks ago)
Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -
Email Spam
Hacking
Brute-Force
Anonymous
2026-06-20 15:33:01
(2 weeks ago)
...
Brute-Force