πΊπΈ
kosada.com
2026-06-16 13:06:38
(1 day ago)
Web password guessing
Brute-Force
π©πͺ
big-cloud.nl
2026-06-16 05:22:03
(2 days ago)
Try to access /xmlrpc.php
Web App Attack
π²πΉ
Malta
2026-06-15 06:20:53
(2 days ago)
65.111.14.60 - - [15/Jun/2026:08:20:52 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT ...
show more
65.111.14.60 - - [15/Jun/2026:08:20:52 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
π¨π΄
ingentar
2026-06-13 11:29:41
(4 days ago)
2026-06-13T06:27:15.746636-05:00 web wordpress(eagletransvip.com)[709922]: Blocked authentication at ...
show more
2026-06-13T06:27:15.746636-05:00 web wordpress(eagletransvip.com)[709922]: Blocked authentication attempt for admin from 65.111.14.60
...
show less
Web App Attack
Brute-Force
π¬π·
setupgr
2026-06-13 04:10:58
(5 days ago)
(mod_security) mod_security (id:900001) triggered by 65.111.14.60: 1 in the last 86400 secs; Ports: ...
show more
(mod_security) mod_security (id:900001) triggered by 65.111.14.60: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 07:10:57.536836 2026] [security2:error] [pid 568634:tid 568715] [client 65.111.14.60:41247] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.asteriassantorini.com"] [severity "CRITICAL"] [tag "security"] [hostname "mail.asteriassantorini.com"] [uri "/wp-login.php"] [unique_id "aizYUWhA1AVliy02kiGXNAAAAck"], referer: https://mail.asteriassantorini.com/wp-login.php
show less
Port Scan
π¬π·
setupgr
2026-06-12 14:33:49
(5 days ago)
(mod_security) mod_security (id:900001) triggered by 65.111.14.60: 1 in the last 86400 secs; Ports: ...
show more
(mod_security) mod_security (id:900001) triggered by 65.111.14.60: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 12 17:33:45.643191 2026] [security2:error] [pid 326652:tid 326758] [client 65.111.14.60:58125] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr|alloweddomain2\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: mail.doityourself.gr"] [severity "CRITICAL"] [tag "security"] [hostname "mail.doityourself.gr"] [uri "/wp-login.php"] [unique_id "aiwYyVrU4zS5423Bd9YVEQAAAEY"], referer: https://mail.doityourself.gr/wp-login.php
show less
Port Scan
π²πΉ
Malta
2026-06-11 22:57:20
(6 days ago)
65.111.14.60 - - [12/Jun/2026:00:57:20 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT ...
show more
65.111.14.60 - - [12/Jun/2026:00:57:20 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
π«π·
ELYAZ
2026-06-11 13:41:02
(6 days ago)
(y4) Failed scan -byebye- from 65.111.14.60 (US/United States/-): (CF_ENABLE)
Hacking
π³π±
jjnxpct
2026-02-16 04:54:27
(4 months ago)
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ...
show more
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.staging (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env.staging]
show less
Hacking
Web App Attack
πΊπΈ
mnsf
2026-02-16 03:05:27
(4 months ago)
Scanning/Probing (25)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 12:33:15
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.14.60 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.14.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:33:08.203007 2026] [security2:error] [pid 13815:tid 13815] [client 65.111.14.60:46043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sguard.co"] [uri "/.env.staging"] [unique_id "aZG9BIPDJ3d3fXKD816V7gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 07:04:34
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.14.60 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.14.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 02:04:29.617629 2026] [security2:error] [pid 21802:tid 21802] [client 65.111.14.60:30065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psychicangelreader.com"] [uri "/.git/config"] [unique_id "aZFv_buSBhPDkz0AG98gDAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 05:59:17
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.14.60 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.14.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:59:10.480346 2026] [security2:error] [pid 25992:tid 25992] [client 65.111.14.60:29601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "omnithermal.com"] [uri "/new/.git/config"] [unique_id "aZFgrq0Tfnxwy1Cz6FsFPwAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 05:39:38
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.14.60 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.14.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:39:35.327947 2026] [security2:error] [pid 468:tid 468] [client 65.111.14.60:44695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "okwellbeing.com"] [uri "/.env.staging"] [unique_id "aZFcF5UCWuAI9qyqOVQ-CQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 04:28:20
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.14.60 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.14.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:28:17.091094 2026] [security2:error] [pid 17434:tid 17434] [client 65.111.14.60:46739] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "numeralla.com"] [uri "/site/.git/config"] [unique_id "aZFLYfmGeZbJWp9kmRyWOwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack