๐ฌ๐ท
setupgr
2026-06-23 14:08:34
(1 week ago)
(mod_security) mod_security (id:900001) triggered by 65.111.26.45 (ES/Spain/Madrid/Madrid/-/[AS20037 ...
show more
(mod_security) mod_security (id:900001) triggered by 65.111.26.45 (ES/Spain/Madrid/Madrid/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 23 17:08:33.523142 2026] [security2:error] [pid 1934756:tid 1934893] [client 65.111.26.45:49877] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: asteriassantorini.com"] [severity "CRITICAL"] [tag "security"] [hostname "asteriassantorini.com"] [uri "/wp-login.php"] [unique_id "ajqTYS7wGrlvgFoRVzY43gAAAUU"], referer: https://asteriassantorini.com/wp-login.php
show less
Port Scan
๐ซ๐ท
Sklurk
2026-06-23 03:57:13
(1 week ago)
Web App Attack
Web App Attack
๐บ๐ธ
mnsf
2026-06-16 03:06:49
(2 weeks ago)
Login Too Frequent (6)
Brute-Force
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-12 02:37:04
(3 weeks ago)
(y4) Failed scan -byebye- from 65.111.26.45 (ES/Spain/-): (CF_ENABLE)
Hacking
Anonymous
2026-06-11 04:21:03
(3 weeks ago)
[server.tmg.gr] httpd-login-spray-site: sites=add2022.gr; logs=/var/log/httpd/domains/add2022.gr.log ...
show more
[server.tmg.gr] httpd-login-spray-site: sites=add2022.gr; logs=/var/log/httpd/domains/add2022.gr.log; samples=site_wide=true | distinct_ips=28 | /wp-login.php
show less
Hacking
Web App Attack
Anonymous
2026-01-05 20:31:33
(5 months ago)
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ...
show more
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp
show less
Hacking
Brute-Force
๐ณ๐ฑ
homeshowdomain.nl
2026-01-02 23:01:19
(6 months ago)
Auto-ban: >3000 req/min op 2026-01-02
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-01-02 20:06:56
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.26.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.26.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 15:06:35.939818 2026] [security2:error] [pid 23052:tid 23052] [client 65.111.26.45:53347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.joanofartdesign.com"] [uri "/.env"] [unique_id "aVglS-5kgl68cUop4xTATAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 19:58:36
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.26.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.26.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:58:33.887436 2025] [security2:error] [pid 7955:tid 7955] [client 65.111.26.45:29323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oliverhardy.com"] [uri "/.git/HEAD"] [unique_id "aVA6aa0qkHApMkZ2OHIwPQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 19:36:37
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.26.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.26.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:36:28.666026 2025] [security2:error] [pid 32308:tid 32308] [client 65.111.26.45:16825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jbristowconsulting.com"] [uri "/.git/HEAD"] [unique_id "aVA1PIEoZQeRdb-2LDMGFgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 17:24:42
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.26.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.26.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:24:36.818069 2025] [security2:error] [pid 2572:tid 2572] [client 65.111.26.45:17091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "champions-in-arms.com"] [uri "/.svn/wc.db"] [unique_id "aVAWVDusdmLSqBHh_5Xe0gAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 16:23:20
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.26.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.26.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:23:14.463970 2025] [security2:error] [pid 26488:tid 26488] [client 65.111.26.45:47327] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dancingmountainsbrewing.com"] [uri "/.env"] [unique_id "aVAH8oFAEGOWhwzpg1NUEwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-12-26 20:13:33
(6 months ago)
"GET /.svn/wc.db HTTP/1.1"
Hacking
Web App Attack
๐บ๐ธ
OceanTreasure
2025-12-26 08:45:37
(6 months ago)
tcp/80; SVN repository metadata exposure attempt: "GET /.svn/wc.db" @ 2025-12-26T08:38:30Z [proxy]
Web App Attack
Anonymous
2025-12-25 14:07:38
(6 months ago)
wordpress-trap
Web App Attack