๐ฒ๐ฝ
octageeks.com
2026-07-04 04:15:57
(15 hours ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ณ๐ฟ
billyborsht
2026-07-04 00:35:34
(19 hours ago)
2026-07-04T12:35:33.643638+12:00 southern wordpress(nzangels.com)[2024961]: Authentication attempt f ...
show more
2026-07-04T12:35:33.643638+12:00 southern wordpress(nzangels.com)[2024961]: Authentication attempt for unknown user backupsystems from 65.111.23.140
...
show less
Hacking
Web App Attack
๐ซ๐ฎ
6kilowatti
2026-07-02 11:54:00
(2 days ago)
65.111.23.140 - - [02/Jul/2026:14:53:59 +0300] "POST /wp-login.php HTTP/1.1" 404 12994 "https://oh6a ...
show more
65.111.23.140 - - [02/Jul/2026:14:53:59 +0300] "POST /wp-login.php HTTP/1.1" 404 12994 "https://oh6ah.fi/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
65.111.23.140 - [02/Jul/2026:14:53:58 +0300] "POST /wp-login.php HTTP/1.1" 404 12288 "https://oh6ah.fi/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-28 21:56:18
(5 days ago)
IM360 WAF: Prohibited WordPress username login/registration
Web App Attack
Anonymous
2026-06-28 20:58:35
(5 days ago)
[ssd1.kdns.gr] httpd-login-spray-site: sites=me-meraki.gr; logs=/var/log/httpd/domains/me-meraki.gr. ...
show more
[ssd1.kdns.gr] httpd-login-spray-site: sites=me-meraki.gr; logs=/var/log/httpd/domains/me-meraki.gr.log; samples=site_wide=true | distinct_ips=23 | /wp-login.php
show less
Hacking
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-27 04:20:22
(1 week ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ซ๐ท
Hippoline
2026-06-26 15:14:02
(1 week ago)
Jun 26 17:14:01 local wp(XXXX-A)[2010]: Authentication attempt for unknown user admin from 65.111.23 ...
show more
Jun 26 17:14:01 local wp(XXXX-A)[2010]: Authentication attempt for unknown user admin from 65.111.23.140
...
show less
Brute-Force
Web App Attack
๐ซ๐ท
tilellit.pro
2026-06-26 01:27:42
(1 week ago)
Fail2Ban banned 65.111.23.140 for security violations in jail wp-armour. Log: 2026/06/26 01:27:42 [e ...
show more
Fail2Ban banned 65.111.23.140 for security violations in jail wp-armour. Log: 2026/06/26 01:27:42 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 65.111.23.140 | Target: wplogin" , client: 65.111.23.140, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐บ๐ธ
cwytech
2026-06-25 16:25:34
(1 week ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-login-lockdown-high.
Bad Web Bot
Web App Attack
๐ฉ๐ช
F242
2026-05-22 20:05:30
(1 month ago)
Wordpress Login or XMLRPC abuse
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-11 17:31:48
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 12:31:42.356147 2026] [security2:error] [pid 3581021:tid 3581032] [client 65.111.23.140:33365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aqutar.com"] [uri "/api/.env"] [unique_id "aYy8_q9saFF76abMwyCC-gAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-02-10 22:59:25
(4 months ago)
Auto-ban: >3000 req/min op 2026-02-10
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-02-10 17:32:44
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 12:32:37.850437 2026] [security2:error] [pid 9060:tid 9060] [client 65.111.23.140:61347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anywheregarden.com"] [uri "/.env"] [unique_id "aYtrtRXShaV7gYw1nKF-XgAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Axel
2026-02-10 06:08:31
(4 months ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /new/.git/con ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /new/.git/config
show less
Hacking
SQL Injection
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-10 03:41:07
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:41:01.587372 2026] [security2:error] [pid 17457:tid 17457] [client 65.111.23.140:46319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ibermar.info"] [uri "/app/.env"] [unique_id "aYqozWJUueUgEP6lRGZhbAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack