๐ณ๐ฑ
ParaBug
2026-07-17 15:04:44
(15 hours ago)
65.111.2.23 - - [17/Jul/2026:17:04:42 +0200] "GET http://www.antik-wagon.com/sitemap.xml HTTP/1.1" 3 ...
show more
65.111.2.23 - - [17/Jul/2026:17:04:42 +0200] "GET http://www.antik-wagon.com/sitemap.xml HTTP/1.1" 301 491 "-" "Mozilla/5.0"
...
show less
Phishing
Brute-Force
Web App Attack
๐ฉ๐ช
stinpriza
2026-07-12 05:01:10
(6 days ago)
Web App Attack
Web App Attack
๐ช๐ธ
librebit
2026-06-24 05:28:27
(3 weeks ago)
Brute force
Brute-Force
๐ซ๐ท
solution.it
2026-06-11 14:16:58
(1 month ago)
[Thu Jun 11 16:16:57.900288 2026] [php7:error] [pid 2912051:tid 2912051] [client 65.111.2.23:62671] ...
show more
[Thu Jun 11 16:16:57.900288 2026] [php7:error] [pid 2912051:tid 2912051] [client 65.111.2.23:62671] script '/var/www/html/wp-login.php' not found or unable to stat
show less
Web App Attack
๐ฎ๐น
VHosting
2026-06-10 18:55:03
(1 month ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ซ๐ฎ
kumiko
2026-02-23 13:07:33
(4 months ago)
[2026-02-23 15:07:33] Probing for dotfiles
"GET /.git/config HTTP/1.1" 301
Bad Web Bot
Web App Attack
Anonymous
2026-02-11 09:01:00
(5 months ago)
SMS pumping
DDoS Attack
VPN IP
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-09 21:37:32
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:37:22.929219 2026] [security2:error] [pid 11854:tid 11854] [client 65.111.2.23:26611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garnersystems.com"] [uri "/config/.env"] [unique_id "aYpTkvvACN27YXnxTbRZAwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-09 20:57:53
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:57:43.698960 2026] [security2:error] [pid 22911:tid 22911] [client 65.111.2.23:34569] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gandmaquatics.com"] [uri "/api/.env"] [unique_id "aYpKR2Tysbhwa_VO8nx6ZQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
myagent.site
2026-02-09 19:10:38
(5 months ago)
Blocking for trying to access an exploit file: /config/.env
Hacking
๐บ๐ธ
TPI-Abuse
2026-02-09 07:54:09
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 02:54:00.711628 2026] [security2:error] [pid 1814935:tid 1814935] [client 65.111.2.23:19693] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fvsllc.com"] [uri "/admin/.git/config"] [unique_id "aYmSmE9byIhQJJNFNCgoPAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-09 03:25:39
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 22:25:31.970580 2026] [security2:error] [pid 23019:tid 23019] [client 65.111.2.23:26057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuentevictoria.com"] [uri "/admin/.env"] [unique_id "aYlTq_LpeU6Q_AdTXVZzZwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-08 21:25:44
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 16:25:39.450340 2026] [security2:error] [pid 11415:tid 11436] [client 65.111.2.23:11589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "furball.co.uk"] [uri "/.svn/wc.db"] [unique_id "aYj_U2lMBT6NfTtPJcuWjAAAAJM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2025-12-23 18:45:24
(6 months ago)
Detected attack and reported by a human
DDoS Attack
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2025-11-25 05:42:44
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.2.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 00:42:38.005042 2025] [security2:error] [pid 18889:tid 18889] [client 65.111.2.23:58683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.dreamscometruefilms.com"] [uri "/.svn/wc.db"] [unique_id "aSVBzp1UmUn3ZscpiUnAowAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack