Anonymous
2026-07-15 23:07:05
(4 hours ago)
Trying to access config files
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-07-15 12:25:31
(14 hours ago)
Known malicious PHP file or CMS probe
Web App Attack
๐ฌ๐ท
setupgr
2026-07-10 15:34:05
(5 days ago)
(wplogin_block) Blocked WP-Login Access Attempt 104.207.53.0 (GB/United Kingdom/England/London/-/[AS ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 104.207.53.0 (GB/United Kingdom/England/London/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 104.207.53.0 - - [10/Jul/2026:18:33:34 +0300] "POST /wp-login.php HTTP/1.1" 200 3371 "https://mail.asteriassantorini.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64; rv:118.0) Gecko/20100101 Firefox/118.0"
show less
Port Scan
Anonymous
2026-07-08 13:44:42
(1 week ago)
[server.techsupportltd.gr] httpd-login-spray-site: sites=www.wavedancercyprus.com; logs=/var/log/htt ...
show more
[server.techsupportltd.gr] httpd-login-spray-site: sites=www.wavedancercyprus.com; logs=/var/log/httpd/domains/wavedancercyprus.com.log; samples=site_wide=true | distinct_ips=14 | /wp-login.php
show less
Hacking
Web App Attack
๐ซ๐ท
LRob
2026-07-05 18:55:46
(1 week ago)
CrowdSec: LePresidente/http-generic-403-bf | req: ["/wp-login.php"] | UA: ["Mozilla/5.0 (Windows NT ...
show more
CrowdSec: LePresidente/http-generic-403-bf | req: ["/wp-login.php"] | UA: ["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:138.0) Gecko/20100101 Firefox/138.0"]
show less
Hacking
๐บ๐ธ
lostswordfish.com
2026-06-28 07:24:05
(2 weeks ago)
Wordfence waf block on taussigtravel
Web App Attack
Anonymous
2026-06-25 18:53:16
(2 weeks ago)
[osotir.org] httpd-login-spray-site: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/a ...
show more
[osotir.org] httpd-login-spray-site: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/agonistes.gr.synathlountes.log; samples=site_wide=true | distinct_ips=16 | /wp-login.php
show less
Hacking
Web App Attack
๐ฌ๐ง
PeravixGroup
2026-05-06 17:55:29
(2 months ago)
Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ...
show more
Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud
show less
Hacking
Exploited Host
๐ณ๐ฑ
jjnxpct
2026-02-16 04:54:54
(4 months ago)
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ...
show more
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.staging (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env.staging]
show less
Hacking
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-02-15 22:59:10
(5 months ago)
Auto-ban: >3000 req/min op 2026-02-15
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-02-15 12:34:42
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.53.0 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.53.0 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:34:33.147944 2026] [security2:error] [pid 2135:tid 2135] [client 104.207.53.0:50275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "partybusdaytonabeach.com"] [uri "/backend/.env"] [unique_id "aZG9WUIsFhe9pMFwYdQE4wAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Apache
2026-02-15 11:29:09
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.53.0 (GB/United Kingdom/-): 5 in the la ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.53.0 (GB/United Kingdom/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
Anonymous
2026-02-15 11:24:07
(5 months ago)
104.207.53.0 - - [15/Feb/2026:11:23:48 +0000] "GET /admin/.env HTTP/1.1" 403 2407 "-" "Mozilla/5.0 ( ...
show more
104.207.53.0 - - [15/Feb/2026:11:23:48 +0000] "GET /admin/.env HTTP/1.1" 403 2407 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 11:16:06
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.53.0 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.53.0 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:15:59.124709 2026] [security2:error] [pid 8444:tid 8444] [client 104.207.53.0:31809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "purplebikinis.com"] [uri "/.env"] [unique_id "aZGq7xEFE8fwlhAowjg-XwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 06:59:45
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.53.0 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.53.0 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:59:39.558422 2026] [security2:error] [pid 23526:tid 23526] [client 104.207.53.0:21521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psicotanato.com"] [uri "/test/.git/config"] [unique_id "aZFu2wgjfrPY6EDWNN_BzgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack