๐ซ๐ท
RootOPSOVH
2026-07-11 02:52:18
(1 day ago)
GET /wp-admin/install.php?step=1 | UA: http://rootops.ovh/wp-admin/install.php?step=1
Web Spam
Bad Web Bot
Web App Attack
๐บ๐ธ
FreeMyIP
2026-07-10 03:32:00
(2 days ago)
Automated fail2ban report: web application attack / scanning for exploitable paths.
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-07-07 14:08:21
(5 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
mawan
2026-07-06 17:21:43
(6 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ฏ๐ต
S.O.B.A. Dev.
2026-06-25 23:25:44
(2 weeks ago)
Persistent port scanning or vulnerability scanning
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-23 13:35:20
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 09:35:15.891832 2026] [security2:error] [pid 10992:tid 10992] [client 104.23.223.45:14056] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rfinderradios.suffolksystems.com"] [uri "/.git/config"] [unique_id "ajqLk6sOkWo4xrxezdFwzQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 08:10:08
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 04:10:02.252996 2026] [security2:error] [pid 7368:tid 7368] [client 104.23.223.45:9656] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blackstarmgmt.com"] [uri "/.git/config"] [unique_id "ajT5Wg1HgzKE_WbimtQU1gAAAAw"], referer: https://www.google.com/search?q=blackstarmgmt.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 11:51:52
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 07:51:47.632096 2026] [security2:error] [pid 19218:tid 19218] [client 104.23.223.45:13770] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "appalachianstomp.com.joshuashands.org"] [uri "/.git/config"] [unique_id "ajKKU8NLwSRVXMWAOlQxyAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-06-13 01:18:12
(4 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฉ๐ช
strxmpp
2026-06-09 22:49:59
(1 month ago)
104.23.223.45 - - [10/Jun/2026:00:49:59 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 301 670 " ...
show more
104.23.223.45 - - [10/Jun/2026:00:49:59 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 301 670 "-" "http://in-hagello.ch/wp-admin/install.php?step=1"
...
show less
Bad Web Bot
๐ณ๐ด
jad-abuse
2026-06-09 16:34:55
(1 month ago)
ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. Ob ...
show more
ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. Observed by 1 sensor(s); 1 hits.
show less
Brute-Force
Web App Attack
๐ณ๐ด
jad-abuse
2026-06-09 16:34:55
(1 month ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. Observed by 0 sensor(s); 1 hits.
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 03:11:02
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 23:10:56.350646 2026] [security2:error] [pid 19508:tid 19508] [client 104.23.223.45:13189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seishin-kan.pellman-world.com"] [uri "/.git/config"] [unique_id "aieEQCNoLCL88NRP51iTIgAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
oncord
2026-06-04 21:12:33
(1 month ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2026-05-21 19:41:21
(1 month ago)
(mod_security) mod_security (id:949110) triggered by 104.23.223.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:949110) triggered by 104.23.223.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 15:41:13.144745 2026] [security2:error] [pid 15412:tid 15412] [client 104.23.223.45:9751] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "pleasejustfixit.org.cescfoundation.org"] [uri "/.env.development"] [unique_id "ag9f2ZRi4_S35X3FfX7UmAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack