๐ซ๐ท
pm33
2026-07-07 18:32:49
(5 days ago)
Wordpress login attempts
Brute-Force
๐บ๐ธ
lostswordfish.com
2026-07-07 17:42:04
(5 days ago)
Wordfence waf block on hope4scranton
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-07-07 04:08:16
(6 days ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ฌ๐ท
setupgr
2026-07-05 07:20:03
(1 week ago)
(wplogin_block) Blocked WP-Login Access Attempt 65.111.15.178 (US/United States/Virginia/Ashburn/-/[ ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 65.111.15.178 (US/United States/Virginia/Ashburn/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 65.111.15.178 - - [05/Jul/2026:10:19:14 +0300] "POST /wp-login.php HTTP/1.1" 302 - "https://cpanagiotou.gr/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
show less
Port Scan
๐บ๐ธ
cwytech
2026-07-04 03:14:35
(1 week ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-login-lockdown-high.
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-02 22:35:13
(1 week ago)
IM360 WAF: Prohibited WordPress username login/registration
Web App Attack
๐ฌ๐ท
setupgr
2026-07-02 11:16:28
(1 week ago)
(wplogin_block) Blocked WP-Login Access Attempt 65.111.15.178 (US/United States/Virginia/Ashburn/-/[ ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 65.111.15.178 (US/United States/Virginia/Ashburn/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 65.111.15.178 - - [02/Jul/2026:14:15:16 +0300] "POST /wp-login.php HTTP/1.1" 200 8594 "https://adoro.gr/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0"
show less
Port Scan
๐ฉ๐ช
LRob
2026-06-22 19:16:37
(2 weeks ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ซ๐ท
Sklurk
2026-06-20 04:25:36
(3 weeks ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 04:02:37
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.15.178 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.15.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 23:02:32.769555 2026] [security2:error] [pid 15510:tid 15510] [client 65.111.15.178:48969] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kistner.us"] [uri "/.env.local"] [unique_id "aZaLWCrEB7Jr_qd-tbu6AQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 02:33:08
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.15.178 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.15.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:33:00.848488 2026] [security2:error] [pid 7216:tid 7216] [client 65.111.15.178:28001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kclawoffice.com"] [uri "/v2/.git/config"] [unique_id "aZZ2XGTyodiLIJ_LFSR4UQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-02-19 02:22:11
(4 months ago)
65.111.15.178 - - [19/Feb/2026:03:22:10 +0100] "GET /backend/.env HTTP/1.1" 403 3935 "-" "Mozilla/5. ...
show more
65.111.15.178 - - [19/Feb/2026:03:22:10 +0100] "GET /backend/.env HTTP/1.1" 403 3935 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 01:29:08
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.15.178 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.15.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 20:29:01.113528 2026] [security2:error] [pid 14119:tid 14131] [client 65.111.15.178:18277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kandooo.com"] [uri "/.env"] [unique_id "aZZnXc7LbDS5IjHn1_w9zAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 00:58:06
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.15.178 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.15.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:58:02.858658 2026] [security2:error] [pid 10606:tid 10606] [client 65.111.15.178:58401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wallawallafirearmstraining.com"] [uri "/.env.save"] [unique_id "aZZgGsgFuDmO7uhhOwFNZAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 00:29:34
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.15.178 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.15.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:29:26.569212 2026] [security2:error] [pid 856:tid 856] [client 65.111.15.178:63657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "voodooshop.com"] [uri "/admin/.env"] [unique_id "aZZZZhSI2tqOtuOnN9NqmwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack