๐ฉ๐ช
SCHAPPY
2026-07-02 07:59:18
(9 hours ago)
Wordpress attack: Submitted data to wp-login.php prior getting page content, attempt blocked. POST c ...
show more
Wordpress attack: Submitted data to wp-login.php prior getting page content, attempt blocked. POST counter 1 is greater than GET counter 0, captcha counter for /wp-login.php by 65.111.23.189.
show less
Web Spam
๐บ๐ธ
lostswordfish.com
2026-06-30 04:20:06
(2 days ago)
Wordfence waf block on hope4scranton
Web App Attack
๐ฉ๐ช
Tha_14
2026-06-30 01:39:06
(2 days ago)
Bad Web Bot
๐ฉ๐ช
iNetWorker
2026-06-29 22:33:34
(2 days ago)
trolling for resource vulnerabilities
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-28 04:15:36
(4 days ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-06-13 01:41:59
(2 weeks ago)
[Sat Jun 13 11:41:58.231274 2026] [security2:error] [pid 725523] [client 65.111.23.189:47829] [clien ...
show more
[Sat Jun 13 11:41:58.231274 2026] [security2:error] [pid 725523] [client 65.111.23.189:47829] [client 65.111.23.189] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/xmlrpc.php"] [unique_id "aiy1ZrqZSgTiOZ8RvmVXbAAAAAo"]
...
show less
Web App Attack
๐ฌ๐ง
PeravixGroup
2026-06-11 01:50:37
(3 weeks ago)
Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ...
show more
Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud
show less
Hacking
Exploited Host
๐ง๐ช
voormedia
2026-02-26 00:52:07
(4 months ago)
Accessed trap at '/xmlrpc.php'
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-13 13:55:19
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:55:12.813586 2026] [security2:error] [pid 32604:tid 32604] [client 65.111.23.189:34181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leansixsigmatransformation.com"] [uri "/frontend/.env"] [unique_id "aY8tQFOOVrNRW2RxGqKRMAAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-13 13:11:00
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:10:53.827313 2026] [security2:error] [pid 5426:tid 5426] [client 65.111.23.189:34565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikelynchphoto.com"] [uri "/.env.local"] [unique_id "aY8i3e3av29zzqKcpk1FTgAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-13 05:04:07
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:04:00.760741 2026] [security2:error] [pid 32651:tid 32651] [client 65.111.23.189:38509] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matchsticbranding.agency"] [uri "/.env"] [unique_id "aY6wwItSvrK2e8xQiW_43gAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-13 03:23:41
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:23:37.881537 2026] [security2:error] [pid 12611:tid 12611] [client 65.111.23.189:29331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mardensmith.com"] [uri "/dev/.git/config"] [unique_id "aY6ZOQDgWi-c8A1XG9O1FwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-13 01:08:57
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 20:08:49.870750 2026] [security2:error] [pid 1076:tid 1076] [client 65.111.23.189:30053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maeghanan.com"] [uri "/api/.env"] [unique_id "aY55oXhWeiBtDgMI6YV-GwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-12 16:17:12
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:17:07.163873 2026] [security2:error] [pid 32497:tid 32497] [client 65.111.23.189:59469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "donnysimonton.com"] [uri "/.git/config"] [unique_id "aY39A72i04IZp3YSR-vdlAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-12 15:12:37
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 10:12:31.857248 2026] [security2:error] [pid 8122:tid 8122] [client 65.111.23.189:11599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coyotebytes.com"] [uri "/.git/config"] [unique_id "aY3t3-AtysUlHGRroeu51AAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack