π¬π·
setupgr
2026-06-15 22:06:54
(2 hours ago)
(mod_security) mod_security (id:900001) triggered by 209.50.180.174: 1 in the last 86400 secs; Ports ...
show more
(mod_security) mod_security (id:900001) triggered by 209.50.180.174: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 01:06:49.608560 2026] [security2:error] [pid 1917021:tid 1917206] [client 209.50.180.174:54545] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.ions.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.ions.gr"] [uri "/wp-login.php"] [unique_id "ajB3eQ799xbSHUG5HIrp2AAAAMg"], referer: https://mail.ions.gr/wp-login.php
show less
Port Scan
π¬π·
setupgr
2026-06-12 14:30:58
(3 days ago)
(mod_security) mod_security (id:900001) triggered by 209.50.180.174: 1 in the last 86400 secs; Ports ...
show more
(mod_security) mod_security (id:900001) triggered by 209.50.180.174: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 17:30:56.622932 2026] [security2:error] [pid 342164:tid 342202] [client 209.50.180.174:10363] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.doityourself.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.doityourself.gr"] [uri "/wp-login.php"] [unique_id "aiwYIBXBVZYB-gAnaREwlwAAAQs"], referer: https://mail.doityourself.gr/wp-login.php
show less
Port Scan
π²π½
octageeks.com
2026-06-12 04:23:36
(3 days ago)
Wordpress malicious attack:[octaflood]
Web App Attack
π©πͺ
LRob.fr
2026-06-11 23:45:04
(4 days ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
πΊπΈ
nationaleventpros.com
2026-06-11 20:35:46
(4 days ago)
WordPress login attempt
Brute-Force
π«π·
ELYAZ
2026-06-11 13:41:11
(4 days ago)
(y4) Failed scan -byebye- from 209.50.180.174 (GB/United Kingdom/-): (CF_ENABLE)
Hacking
π²πΉ
Malta
2026-06-10 11:20:40
(5 days ago)
209.50.180.174 - - [10/Jun/2026:13:20:40 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ...
show more
209.50.180.174 - - [10/Jun/2026:13:20:40 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
show less
Hacking
Web App Attack
π¦πΊ
RedBear IT
2026-03-26 10:00:37
(2 months ago)
"DDoS against public endpoint"
DDoS Attack
πͺπΈ
10dencehispahard SL
2026-01-19 08:18:06
(4 months ago)
Wordpress probing for vulnerabilities
Hacking
Exploited Host
πΊπΈ
TPI-Abuse
2025-12-10 15:03:30
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 10:03:24.106344 2025] [security2:error] [pid 30951:tid 30951] [client 209.50.180.174:53105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "workzoap.com"] [uri "/.env"] [unique_id "aTmLvLj3z4dOGclzS_WLmgAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-09 08:30:50
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 03:30:45.805632 2025] [security2:error] [pid 13879:tid 13879] [client 209.50.180.174:30057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tomslawmd.com"] [uri "/.svn/wc.db"] [unique_id "aTfeNQH9dtwVIJ17cGQsHQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-08 00:58:52
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 19:58:49.775503 2025] [security2:error] [pid 12330:tid 12330] [client 209.50.180.174:32359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mldlnn.com"] [uri "/.svn/wc.db"] [unique_id "aTYiyXvVVwsZZyNDIDQ80QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-06 02:53:53
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 21:53:47.869189 2025] [security2:error] [pid 14242:tid 14242] [client 209.50.180.174:32139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chassell.info"] [uri "/.git/HEAD"] [unique_id "aTOau1Ujh4Vv4LQGKOOfsAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-05 11:25:35
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:25:31.953633 2025] [security2:error] [pid 30137:tid 30137] [client 209.50.180.174:20275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internationalexecutivetravel.com"] [uri "/.env"] [unique_id "aTLBK8lZiy24zBaYkFRuuQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-05 11:06:53
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:06:49.181582 2025] [security2:error] [pid 10523:tid 10523] [client 209.50.180.174:57865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globalsecurity360.com"] [uri "/.env"] [unique_id "aTK8yZURZda21fqralWuFwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack