๐ง๐ช
boxed-it
2026-07-03 01:17:41
(3 days ago)
GET /.git/HEAD?_=wuPeuIm1 (Tarpitted for 1d15h8m28s, wasted 8.06MB)
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-02 22:29:11
(3 days ago)
Brute-Force
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-01 22:00:36
(4 days ago)
Auto-ban: >3000 req/min op 2026-07-01
Web App Attack
SSH
Hacking
๐ฉ๐ช
Hugopvigo
2026-07-01 20:56:36
(4 days ago)
"2026-07-01 20:56:36+00:00 195.160.223.246 IP con score alto (100) detectada en el log."
Brute-Force
SSH
๐ช๐ธ
NullBlue
2026-07-01 19:08:28
(4 days ago)
Bad web bot / recon against honeypot. Captured by NullBlue67 honeypot.
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 15:54:13
(5 days ago)
Reported from Nginx log analysis 19. Log: 195.160.223.246 - - [01/Jul/2026:xx:xx:xx 0200] "GET /non ...
show more
Reported from Nginx log analysis 19. Log: 195.160.223.246 - - [01/Jul/2026:xx:xx:xx 0200] "GET /nonexistent-164604511MxTOeToF.php?_=K9wKaH3Z HTTP/1.1" xxx xxx "https://bing.com/search" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" "212.145.240.4, 72.179.76.81, 127.0.0.1" "NL The Netherlands Haarlem" "AS43641" "SOLLUTIUM EU Sp z.o.o." | 195.160.223.246 - - [01/Jul/2026:xx:xx:xx 0200] "GET /zz164604511notreal.txt?_=xD2OudiS HTTP/1.1" xxx xxx "https://www.google.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Mobile/15E148 Safari/604.1" "134.135.171.80, 121.96.4.16, 127.0.0.1" "NL The Netherlands Haarlem" "AS43641" "SOLLUTIUM EU Sp z.o.o."
show less
Port Scan
Brute-Force
SSH
๐ธ๐ช
peterh
2026-07-01 13:13:00
(5 days ago)
Phishing
Hacking
๐จ๐ฆ
Roper123
2026-07-01 11:46:13
(5 days ago)
Web exploits
Hacking
Web App Attack
๐ฌ๐ง
Aetherweb Ark
2026-07-01 10:55:21
(5 days ago)
(mod_security) mod_security (id:949110) triggered by 195.160.223.246 (dedicated.sollutium.com): N in ...
show more
(mod_security) mod_security (id:949110) triggered by 195.160.223.246 (dedicated.sollutium.com): N in the last X secs
show less
Web App Attack
๐ฌ๐ง
SilverZippo
2026-07-01 10:55:02
(5 days ago)
Web App Attack
Web App Attack
๐ฉ๐ช
DEV-DNS
2026-07-01 10:54:52
(5 days ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection
๐น๐ท
Threat.live
2026-07-01 10:45:02
(5 days ago)
Suspicious Connection Attempts
Brute-Force
๐ฉ๐ช
Hugopvigo
2026-07-01 10:43:12
(5 days ago)
[Wed Jul 01 12:43:11.676922 2026] [authz_core:error] [pid 2560355:tid 134680319874752] [client 195.1 ...
show more
[Wed Jul 01 12:43:11.676922 2026] [authz_core:error] [pid 2560355:tid 134680319874752] [client 195.160.223.246:38964] AH01630: client denied by server configuration: /var/www/html/wordpress/.git, referer: https://www.google.com/
[Wed Jul 01 12:43:11.688263 2026] [authz_core:error] [pid 2560355:tid 134679957067456] [client 195.160.223.246:38964] AH01630: client denied by server configuration: /var/www/html/wordpress/.git
[Wed Jul 01 12:43:11.699552 2026] [authz_core:error] [pid 2560355:tid 134679931889344] [client 195.160.223.246:38964] AH01630: client denied by server configuration: /var/www/html/wordpress/.git, referer: https://www.google.com/
[Wed Jul 01 12:43:11.710846 2026] [authz_core:error] [pid 2560355:tid 134679812363968] [client 195.160.223.246:38964] AH01630: client denied by server configuration: /var/www/html/wordpress/.git, referer: https://www.google.com/
[Wed Jul 01 12:43:11.722195 2026] [authz_core:error] [pid 2560355:tid 134679973852864] [client 195.160.223.246:38964]
...
show less
Hacking
Brute-Force
Web App Attack
SSH
๐ฌ๐ท
setupgr
2026-07-01 10:43:03
(5 days ago)
(mod_security) mod_security (id:9999001) triggered by 195.160.223.246 (NL/The Netherlands/North Holl ...
show more
(mod_security) mod_security (id:9999001) triggered by 195.160.223.246 (NL/The Netherlands/North Holland/Haarlem/-/[AS43641 SOLLUTIUM-NL]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Wed Jul 01 13:43:02.812127 2026] [security2:error] [pid 2924974:tid 2925116] [client 195.160.223.246:58132] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^154\\\\.57\\\\.7\\\\.73$" at REQUEST_HEADERS:host. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "154"] [id "9999001"] [msg "Direct incoming request to server shared IP blocked by admin"] [hostname "154.57.7.73"] [uri "/nonexistent-243065084mQkmqpro.php"] [unique_id "akTvNkH3HLZ1hd_Ltc9aZgAAA9A"], referer: https://duckduckgo.com/
show less
Port Scan
๐ซ๐ท
masterguru
2026-07-01 10:42:54
(5 days ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 195.160.223.246 (NL/The Netherlands/dedicated. ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 195.160.223.246 (NL/The Netherlands/dedicated.sollutium.com): 1 in the last 3600 secs (0-195)
show less
Hacking