๐ซ๐ท
tecnicorioja
2026-07-07 22:02:51
(10 hours ago)
POST /xmlrpc.php [07/Jul/2026:14:20:43
Web App Attack
Brute-Force
๐บ๐ธ
lostswordfish.com
2026-07-07 21:48:03
(10 hours ago)
Wordfence waf block on ohrsol
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-04 14:28:04
(3 days ago)
IM360 WAF: Prohibited WordPress username login/registration
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-29 23:03:49
(1 week ago)
(y4) Failed scan -byebye- from 65.111.28.60 (IT/Italy/-): (CF_ENABLE)
Hacking
๐ฉ๐ช
LRob
2026-06-24 01:30:18
(2 weeks ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
zam
2026-06-22 10:50:44
(2 weeks ago)
65.111.28.60 - - [22/Jun/2026:10:50:42 +0000] "POST /wp-login.php HTTP/1.1" 404 27293
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-21 17:06:40
(2 weeks ago)
(y4) Failed scan -byebye- from 65.111.28.60 (IT/Italy/-): (CF_ENABLE)
Hacking
๐ซ๐ฎ
inlink.ltd
2026-05-19 22:26:08
(1 month ago)
Known malicious PHP file or CMS probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 13:02:05
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 65.111.28.60 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 65.111.28.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 08:01:57.916569 2026] [security2:error] [pid 30570:tid 30570] [client 65.111.28.60:34233] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||voodooshop.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "voodooshop.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZhbRXbobvumrGcNSvogdwAAAAE"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
10dencehispahard SL
2026-02-09 06:47:20
(4 months ago)
Wordpress probing for vulnerabilities
Hacking
Exploited Host
Anonymous
2026-01-05 20:24:50
(6 months ago)
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ...
show more
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp
show less
Hacking
Brute-Force
๐ฉ๐ช
Packets-Decreaser.NET
2025-12-29 14:01:39
(6 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐บ๐ธ
TPI-Abuse
2025-11-26 10:37:12
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.28.60 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.28.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:37:06.848091 2025] [security2:error] [pid 6858:tid 6858] [client 65.111.28.60:21781] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.oldcuyama.com"] [uri "/.git/HEAD"] [unique_id "aSbYUgGd-hTojUm88iJSNAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 10:17:25
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.28.60 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.28.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:17:22.100739 2025] [security2:error] [pid 16968:tid 16968] [client 65.111.28.60:26877] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.jasbemarketing.com"] [uri "/.svn/wc.db"] [unique_id "aSbTstuunnONICosVreGvgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 03:04:13
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.28.60 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.28.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:04:08.536489 2025] [security2:error] [pid 18582:tid 18582] [client 65.111.28.60:59407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.lan0.net"] [uri "/.git/HEAD"] [unique_id "aSZuKAFzxFvkfCC00XO4jwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack