๐บ๐ธ
cwytech
2026-07-04 03:16:49
(8 hours ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-login-lockdown-high.
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 18:48:58
(16 hours ago)
[ns41.kdns.gr] httpd-login-spray-site: sites=www.msjacovides.com; logs=/var/log/httpd/domains/msjaco ...
show more
[ns41.kdns.gr] httpd-login-spray-site: sites=www.msjacovides.com; logs=/var/log/httpd/domains/msjacovides.com.log; samples=site_wide=true | distinct_ips=16 | /wp-login.php
show less
Hacking
Web App Attack
๐ซ๐ท
pm33
2026-07-03 05:38:17
(1 day ago)
Wordpress login attempts
Brute-Force
๐ซ๐ท
ELYAZ
2026-07-03 01:43:08
(1 day ago)
(y4) Failed scan -byebye- from 104.207.46.104 (US/United States/-): (CF_ENABLE)
Hacking
Anonymous
2026-07-02 00:56:37
(2 days ago)
WordPress Brute Force
Brute-Force
Anonymous
2026-05-13 15:44:38
(1 month ago)
Multiple failed login attemps RDS-Web-Access-Server
Brute-Force
Web App Attack
๐ฉ๐ช
Viveronese
2026-03-27 01:27:47
(3 months ago)
HTTP vulnerability scanning
Web App Attack
๐บ๐ธ
TRoden
2026-03-10 07:55:02
(3 months ago)
Geo Block Plugin: Escalation flag(s): rce_attempt
Hacking
๐บ๐ธ
mind5t0rm
2026-02-27 05:25:00
(4 months ago)
(WPLOGIN) WP Login Attack 104.207.46.104 (US/United States/-): 3 in the last 3600 secs; Ports: *; Di ...
show more
(WPLOGIN) WP Login Attack 104.207.46.104 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 104.207.46.104 - - [27/Feb/2026:12:24:29 +0700] "GET /wp-login.php?wp_lang=en_US HTTP/2.0" 200 2454 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36"
104.207.46.104 - - [27/Feb/2026:12:24:30 +0700] "POST /wp-login.php?wp_lang=en_US HTTP/2.0" 302 0 "https://zerowaterthailand.com/wp-login.php?wp_lang=en_US" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36"
104.207.46.104 - - [27/Feb/2026:12:24:56 +0700] "GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.zerowaterthailand.com%2Fwp-admin%2F&reauth=1 HTTP/2.0" 200 2453 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36"
show less
Port Scan
๐ช๐ธ
10dencehispahard SL
2025-12-03 07:33:14
(7 months ago)
Wordpress probing for vulnerabilities
Hacking
Exploited Host
๐ฉ๐ช
Packets-Decreaser.NET
2025-11-30 13:09:54
(7 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐บ๐ธ
TPI-Abuse
2025-11-25 07:10:02
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.46.104 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.46.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:09:50.442392 2025] [security2:error] [pid 21498:tid 21498] [client 104.207.46.104:52845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mobresearchinc.markthwaite.com"] [uri "/.git/HEAD"] [unique_id "aSVWPjuKduAL-Rf4oN-eNwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 06:21:48
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.46.104 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.46.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:21:40.576157 2025] [security2:error] [pid 908933:tid 908933] [client 104.207.46.104:33683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.artsun.com"] [uri "/.git/HEAD"] [unique_id "aSVK9DMpvDDB1nVDAmrFywAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 09:31:47
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.46.104 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.46.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:31:40.602782 2025] [security2:error] [pid 8506:tid 8506] [client 104.207.46.104:50073] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.sirreelpictures.com"] [uri "/.svn/wc.db"] [unique_id "aSQl_Fcu4YGWvkI1v6HvWQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:06:36
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.46.104 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.46.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:06:30.607279 2025] [security2:error] [pid 8113:tid 8113] [client 104.207.46.104:52623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.pleasurecube.com"] [uri "/.env"] [unique_id "aSQSBqTTYnHjhnJHkAjBxQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack