π«π·
Tilellit.PRO
2026-07-08 12:38:19
(1 day ago)
WP Armour Plugin detection
Web Spam
Brute-Force
Anonymous
2026-07-06 04:49:59
(3 days ago)
Brute forcing Wordpress login
Hacking
Web App Attack
Anonymous
2026-07-03 07:55:53
(6 days ago)
[web.zebs.ch] httpd-login-spray-site: sites=www.example.com; logs=/var/log/httpd/access_log; samples ...
show more
[web.zebs.ch] httpd-login-spray-site: sites=www.example.com; logs=/var/log/httpd/access_log; samples=site_wide=true | distinct_ips=13 | /wp-login.php
show less
Hacking
Web App Attack
π²πΉ
Malta
2026-07-02 08:06:28
(1 week ago)
104.207.37.29 - - [02/Jul/2026:10:06:27 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ...
show more
104.207.37.29 - - [02/Jul/2026:10:06:27 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
π©πͺ
4server
2026-06-30 17:53:16
(1 week ago)
[TueJun3019:53:13.8558902026][security2:error][pid488377:tid488505][client104.207.37.29:0]ModSecurit ...
show more
[TueJun3019:53:13.8558902026][security2:error][pid488377:tid488505][client104.207.37.29:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"furgonianoleggio.ch\"][uri\"/xmlrpc.php\"][unique_id\"akQCiZhh4DS-oRLn9q_GpQAAAQk\"]\,referer:https://www.google.com/
show less
Port Scan
Brute-Force
Web App Attack
π±π»
garmtech.com
2026-06-26 17:27:45
(1 week ago)
IM360 WAF: Prohibited WordPress username login/registration
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-21 23:15:00
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 18:14:53.443417 2026] [security2:error] [pid 24829:tid 24829] [client 104.207.37.29:49537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thekingofweed.com"] [uri "/.env"] [unique_id "aXFd7RvCQWaBJYmlwDwLMwAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-21 21:00:18
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 16:00:12.708124 2026] [security2:error] [pid 1353:tid 1353] [client 104.207.37.29:52649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "habakkukent.com"] [uri "/.env"] [unique_id "aXE-XMtWLgM8PWkm10Xb4gAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-21 16:11:04
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 11:10:59.899681 2026] [security2:error] [pid 1752:tid 1752] [client 104.207.37.29:58537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "advancedmotorsports.com"] [uri "/.svn/wc.db"] [unique_id "aXD6k04wcdSjYcbkvXa7MQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
Packets-Decreaser.NET
2025-12-29 14:01:45
(6 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
Anonymous
2025-12-04 03:19:09
(7 months ago)
2025-12-04T05:19:09.123201+02:00 zanati wp(www.sahpa.co.za)[382700]: Blocked authentication attempt ...
show more
2025-12-04T05:19:09.123201+02:00 zanati wp(www.sahpa.co.za)[382700]: Blocked authentication attempt for [email protected] from 104.207.37.29
...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-26 03:50:15
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:50:10.561447 2025] [security2:error] [pid 32412:tid 32412] [client 104.207.37.29:22779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.hotelkona.com"] [uri "/.git/HEAD"] [unique_id "aSZ48uIAsNvok1vgTUPrMgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-26 01:59:40
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:59:37.338367 2025] [security2:error] [pid 25380:tid 25380] [client 104.207.37.29:24419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lenorasflowers.com"] [uri "/.env"] [unique_id "aSZfCZMhI7ZD2wzyPEyymgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-26 00:37:32
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.37.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:37:27.732362 2025] [security2:error] [pid 6649:tid 6705] [client 104.207.37.29:59829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.miltonthepuppy.com"] [uri "/.svn/wc.db"] [unique_id "aSZLx_CQPT6s-IHquRxevQAAAVI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2025-11-25 23:01:00
(7 months ago)
Auto-ban: >3000 req/min op 2025-11-25
Hacking
Web App Attack
SSH