๐บ๐ธ
--KBXX--
2026-07-10 23:01:54
(1 week ago)
bfa, m365
Brute-Force
๐ซ๐ท
Sklurk
2026-07-09 00:46:22
(1 week ago)
Web App Attack
Web App Attack
๐ฌ๐ง
PeravixGroup
2026-06-11 01:48:52
(1 month ago)
Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ...
show more
Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud
show less
Hacking
Exploited Host
๐ฉ๐ช
Hazzard
2026-05-23 17:18:48
(1 month ago)
(wordpress) Failed wordpress login from 65.111.12.156 (US/United States/Virginia/Ashburn/-/[redacted ...
show more
(wordpress) Failed wordpress login from 65.111.12.156 (US/United States/Virginia/Ashburn/-/[redacted]): (CF_ENABLE)
show less
Brute-Force
๐ซ๐ท
masterguru
2026-05-10 04:55:13
(2 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.156 (US/United States/-): 1 in the l ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.156 (US/United States/-): 1 in the last 3600 secs (0-197)
show less
Hacking
๐ซ๐ท
masterguru
2026-04-26 17:43:36
(2 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.156 (US/United States/-): 1 in the l ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.156 (US/United States/-): 1 in the last 3600 secs (0-197)
show less
Hacking
๐ฎ๐น
[email protected]
2026-04-19 05:24:35
(3 months ago)
[Sun Apr 19 07:24:34.328496 2026] [authz_core:error] [pid 810987:tid 811060] [remote 65.111.12.156:2 ...
show more
[Sun Apr 19 07:24:34.328496 2026] [authz_core:error] [pid 810987:tid 811060] [remote 65.111.12.156:22911] AH01630: client denied by server configuration: /var/www/html/MyWeb/Wordpress_www/wp-login.php
...
show less
Brute-Force
Web App Attack
๐ซ๐ท
masterguru
2026-04-14 02:08:13
(3 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.156 (US/United States/-): 1 in the l ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.156 (US/United States/-): 1 in the last 3600 secs (0-193)
show less
Hacking
๐ซ๐ท
masterguru
2026-04-13 10:33:07
(3 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.156 (US/United States/-): 1 in the l ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 65.111.12.156 (US/United States/-): 1 in the last 3600 secs (0-196)
show less
Hacking
๐ฆ๐บ
RedBear IT
2026-03-26 10:00:37
(3 months ago)
"DDoS against public endpoint"
DDoS Attack
๐บ๐ธ
TPI-Abuse
2026-01-07 19:29:53
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.12.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.12.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 14:29:49.270386 2026] [security2:error] [pid 10628:tid 10628] [client 65.111.12.156:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cloudex.click"] [uri "/.git/HEAD"] [unique_id "aV60LdI8dAYlBYRW3ZONJgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 06:17:32
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.12.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.12.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:17:25.696641 2025] [security2:error] [pid 31633:tid 31633] [client 65.111.12.156:32723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ezekielproductions.com"] [uri "/.svn/wc.db"] [unique_id "aVIc9YTWqGOeJmX2OH_fjgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 05:10:54
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.12.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.12.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:10:47.346499 2025] [security2:error] [pid 32209:tid 32209] [client 65.111.12.156:31363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "liberlibro.com"] [uri "/.svn/wc.db"] [unique_id "aVINV4ybX9K3cNC4RNeCEQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 04:07:51
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.12.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.12.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:07:46.461578 2025] [security2:error] [pid 30850:tid 30850] [client 65.111.12.156:17011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seskalee.com"] [uri "/.git/HEAD"] [unique_id "aVH-kj9yYTeabDFI1oON_AAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2025-12-23 20:05:22
(6 months ago)
Detected attack and reported by a human
DDoS Attack
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
SSH