Anonymous
2026-07-07 20:06:37
(1 day ago)
Trying to access config files
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-06 21:24:02
(2 days ago)
Wordfence waf block on lostswordfish
Web App Attack
Anonymous
2026-06-30 13:20:59
(1 week ago)
Web attack blocked by Wordfence on gedichtenlangsdegeul.nl (1 hit). Reported by CRMON.
Web App Attack
Anonymous
2026-06-28 21:06:56
(1 week ago)
[ssd1.kdns.gr] httpd-login-spray-site: sites=me-meraki.gr; logs=/var/log/httpd/domains/me-meraki.gr. ...
show more
[ssd1.kdns.gr] httpd-login-spray-site: sites=me-meraki.gr; logs=/var/log/httpd/domains/me-meraki.gr.log; samples=site_wide=true | distinct_ips=24 | /wp-login.php
show less
Hacking
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-26 02:41:35
(1 week ago)
(y4) Failed scan -byebye- from 104.207.50.76 (GB/United Kingdom/-): (CF_ENABLE)
Hacking
๐บ๐ธ
TPI-Abuse
2026-02-20 11:20:21
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 104.207.50.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 104.207.50.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 06:20:17.223055 2026] [security2:error] [pid 20755:tid 20755] [client 104.207.50.76:42791] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||studioarts.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "studioarts.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZhDcaBOEixoZQ77QQLn-AAAAAI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Carsten
2026-01-21 19:34:08
(5 months ago)
GET [.git/HEAD]
Port Scan
๐ฌ๐ง
Swiptly
2026-01-21 14:51:28
(5 months ago)
Bot scanning for environment files .env .env/\*
...
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-21 13:29:43
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.50.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.50.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 08:29:36.374596 2026] [security2:error] [pid 3302205:tid 3302205] [client 104.207.50.76:54871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "realestatemedia.co.uk"] [uri "/.env"] [unique_id "aXDUwGIXbWiwlYmiPCb7qQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-20 19:47:49
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.50.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.50.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 20 14:47:42.181610 2026] [security2:error] [pid 5554:tid 5554] [client 104.207.50.76:21393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jimlawless.net"] [uri "/.svn/wc.db"] [unique_id "aW_b3quAYfHALKS08UvJdQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Vegascosmetics
2025-12-29 22:50:20
(6 months ago)
Kingcopy(AI-IDS):IP does Multiple AWS Environment Abuse
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 05:33:36
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.50.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.50.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:33:28.952525 2025] [security2:error] [pid 12604:tid 12604] [client 104.207.50.76:56209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elessenux.com"] [uri "/.git/HEAD"] [unique_id "aVISqLARFbq1hyPLJ-CYjQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
Rosh
2025-10-19 10:54:20
(8 months ago)
[10/19/25 12:54:19] SSH: illegal login attempts
Brute-Force
SSH
Anonymous
2025-10-11 00:33:58
(8 months ago)
Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.11 is noted in report ti ...
show more
Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.11 is noted in report timestamp
show less
Hacking
Brute-Force
Anonymous
2025-10-10 20:08:49
(8 months ago)
Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.10 is noted in report ti ...
show more
Attempted brute force login to web vpn 90 time(s); last attempt for 2025.10.10 is noted in report timestamp
show less
Hacking
Brute-Force