๐ฌ๐ง
gigatech
2026-07-09 07:40:05
(1 day ago)
Webserver Probing
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-25 06:34:11
(2 weeks ago)
(y4) Failed scan -byebye- from 65.111.28.163 (IT/Italy/-): (CF_ENABLE)
Hacking
๐ฌ๐ง
poundawebsiteltd
2026-06-23 02:19:29
(2 weeks ago)
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 65.111.28.163 - - [23/Jun/2026:03:19:25 +0100] P ...
show more
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 65.111.28.163 - - [23/Jun/2026:03:19:25 +0100] POST /wp-login.php HTTP/1.1 200 7364 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36
show less
Web App Attack
๐ฎ๐ฉ
zam
2026-06-22 10:53:34
(2 weeks ago)
65.111.28.163 - - [22/Jun/2026:10:53:31 +0000] "POST /wp-login.php HTTP/1.1" 404 27293
Web App Attack
๐ฌ๐ท
setupgr
2026-06-22 09:02:53
(2 weeks ago)
(mod_security) mod_security (id:900001) triggered by 65.111.28.163 (IT/Italy/Lazio/Rome/-/[AS200373 ...
show more
(mod_security) mod_security (id:900001) triggered by 65.111.28.163 (IT/Italy/Lazio/Rome/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 22 12:02:51.201350 2026] [security2:error] [pid 1934756:tid 1934916] [client 65.111.28.163:65157] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "75"] [id "900001"] [msg "Blocked WP Login attempt on domain: ions.gr"] [severity "CRITICAL"] [tag "security"] [hostname "ions.gr"] [uri "/wp-login.php"] [unique_id "ajj6Oy7wGrlvgFoRVzagZwAAAU0"], referer: https://ions.gr/wp-login.php
show less
Port Scan
๐ฒ๐ฝ
octageeks.com
2026-06-22 04:06:52
(2 weeks ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ซ๐ท
pm33
2026-06-21 00:51:09
(2 weeks ago)
Wordpress login attempts
Brute-Force
Anonymous
2026-01-05 20:29:00
(6 months ago)
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ...
show more
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp
show less
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-11-24 08:55:31
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.28.163 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.28.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:55:24.510460 2025] [security2:error] [pid 9029:tid 9029] [client 65.111.28.163:36481] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.untraceable.org"] [uri "/.git/HEAD"] [unique_id "aSQdfP2aOu74M2XCFDdQbAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:31:40
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.28.163 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.28.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:31:33.093388 2025] [security2:error] [pid 26806:tid 26806] [client 65.111.28.163:25039] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bayfieldwis.com"] [uri "/.svn/wc.db"] [unique_id "aSQX5SKbLFuRsWILPf3udgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:15:15
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.28.163 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.28.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:15:09.092509 2025] [security2:error] [pid 1209:tid 1209] [client 65.111.28.163:18525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "badfoodlawsuit.com"] [uri "/.svn/wc.db"] [unique_id "aSQUDZtecQDUk8dcTX6LJAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 05:41:53
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.28.163 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.28.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:41:46.038109 2025] [security2:error] [pid 1993:tid 1993] [client 65.111.28.163:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.sportsbookcommission.com"] [uri "/.svn/wc.db"] [unique_id "aSPwGlIJ9AZwVoUBI8rj-wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 05:03:47
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.28.163 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.28.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:03:34.593030 2025] [security2:error] [pid 29831:tid 29831] [client 65.111.28.163:27943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.propertygalleria.com"] [uri "/.env"] [unique_id "aSPnJvkU3lz6e3DMLNgOwAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-11-13 18:28:23
(7 months ago)
This IP was involved in an brute force and password spray attack on 2025/11/13 12:26:10
Port Scan
Brute-Force
Exploited Host
Web App Attack
๐ฆ๐บ
MAGIC
2025-11-09 01:15:05
(8 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot