๐ฌ๐ง
gigatech
2026-07-08 22:35:15
(7 hours ago)
Webserver Probing
Web App Attack
๐ฌ๐ท
setupgr
2026-07-08 19:50:25
(10 hours ago)
(wplogin_block) Blocked WP-Login Access Attempt 65.111.24.79 (DE/Germany/State of Berlin/Berlin/-/[A ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 65.111.24.79 (DE/Germany/State of Berlin/Berlin/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 65.111.24.79 - - [08/Jul/2026:22:44:03 +0300] "POST /wp-login.php HTTP/1.1" 200 5376 "https://adoro.gr/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64; rv:119.0) Gecko/20100101 Firefox/119.0"
show less
Port Scan
Anonymous
2026-07-08 19:19:30
(10 hours ago)
[server.tmg.gr] httpd-login-spray-site: sites=www.crisis-management2020.eu; logs=/var/log/httpd/doma ...
show more
[server.tmg.gr] httpd-login-spray-site: sites=www.crisis-management2020.eu; logs=/var/log/httpd/domains/crisis-management2020.eu.log; samples=site_wide=true | distinct_ips=31 | /wp-login.php
show less
Hacking
Web App Attack
๐ซ๐ท
Sklurk
2026-06-23 05:07:17
(2 weeks ago)
Web App Attack
Web App Attack
๐ซ๐ท
Sklurk
2026-06-17 05:31:55
(3 weeks ago)
Web App Attack
Web App Attack
๐ฎ๐น
VHosting
2026-06-12 02:00:05
(3 weeks ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 17:35:57
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 12:35:52.166837 2026] [security2:error] [pid 3615:tid 3615] [client 65.111.24.79:14037] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||desimon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "desimon.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZdJ-IC9hZz4DHS7Sxfk-gAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-02-11 21:04:27
(4 months ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Hacking
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-02-10 23:01:08
(4 months ago)
Auto-ban: >3000 req/min op 2026-02-10
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-02-10 17:11:05
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 12:11:01.985128 2026] [security2:error] [pid 11036:tid 11036] [client 65.111.24.79:30439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "18mstudio.com"] [uri "/api/.env"] [unique_id "aYtmpSTcS1r_VPTmE_RaqQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-10 06:42:49
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:42:41.364210 2026] [security2:error] [pid 27663:tid 27663] [client 65.111.24.79:46577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kontikimotorcycles.com"] [uri "/api/.git/config"] [unique_id "aYrTYVlwMZw-Vc5RQFW1LQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-10 05:14:06
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 00:13:59.308443 2026] [security2:error] [pid 8939:tid 8939] [client 65.111.24.79:60727] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ieas.org"] [uri "/backend/.env"] [unique_id "aYq-l8Hh1bh-OfRaw1gTswAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-10 01:31:48
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 20:31:42.950087 2026] [security2:error] [pid 31597:tid 31597] [client 65.111.24.79:43165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "husman.es"] [uri "/new/.git/config"] [unique_id "aYqKflkVf3EQl-xVUQUw-gAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-09 20:08:41
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.24.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:08:26.898973 2026] [security2:error] [pid 21233:tid 21233] [client 65.111.24.79:15029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "homeschoolwv.com"] [uri "/backup/.git/config"] [unique_id "aYo-usR7Sc32L1tjL1AnJQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
myagent.site
2026-02-09 20:07:13
(4 months ago)
Blocking for trying to access an exploit file: /site/.git/config
Hacking