๐ง๐ท
Francisco Carlos
2026-07-13 13:54:53
(9 hours ago)
Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: git-leak. Sample: GET /.gi ...
show more
Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: git-leak. Sample: GET /.git/config
show less
Bad Web Bot
Web App Attack
๐จ๐ฆ
SSH-Admin
2026-02-07 17:12:28
(5 months ago)
Probing for Exploits
Exploited Host
Web App Attack
Anonymous
2026-01-27 16:44:08
(5 months ago)
2026-01-27T18:44:07.586474+02:00 zanati wp(www.sahpa.co.za)[786174]: Blocked authentication attempt ...
show more
2026-01-27T18:44:07.586474+02:00 zanati wp(www.sahpa.co.za)[786174]: Blocked authentication attempt for [email protected] from 65.111.23.4
...
show less
Web App Attack
Anonymous
2026-01-05 20:09:18
(6 months ago)
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ...
show more
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp
show less
Hacking
Brute-Force
๐จ๐ฆ
SSH-Admin
2025-12-27 13:45:08
(6 months ago)
Probing for Exploits
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 09:07:28
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:07:23.848076 2025] [security2:error] [pid 18107:tid 18107] [client 65.111.23.4:41929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onlinepetsuperstore.banis-associates.com"] [uri "/.env"] [unique_id "aSQgS1brZ3SlkrgXOe4pqQAAADo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 06:59:44
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:59:39.405855 2025] [security2:error] [pid 15229:tid 15229] [client 65.111.23.4:46083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wastetrack.io.wwts.io"] [uri "/.env"] [unique_id "aSQCW96u69knh7tiOYUL_AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 05:16:41
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:16:26.009307 2025] [security2:error] [pid 3339039:tid 3339039] [client 65.111.23.4:34155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.newcitypark.com"] [uri "/.env"] [unique_id "aSPqKuuYEbVe71hg2kitQwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 03:20:11
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:19:52.928262 2025] [security2:error] [pid 10626:tid 10626] [client 65.111.23.4:30621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.teknna.com"] [uri "/.svn/wc.db"] [unique_id "aSPO2IusbrG0fFUxvZOQzQAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-14 07:01:51
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210730) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 02:01:45.704420 2025] [security2:error] [pid 1062:tid 1062] [client 65.111.23.4:50669] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.wichita-massacre.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.wichita-massacre.com"] [uri "/s3cmd.ini"] [unique_id "aRbT2QAHbsdgDc3GSYw9HgAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2025-11-13 01:42:22
(8 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-10-12 15:13:56
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 12 11:13:52.812359 2025] [security2:error] [pid 32005:tid 32005] [client 65.111.23.4:33313] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ferhardi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ferhardi.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aOvFsCFenvO2rLug5x1SDQAAAAQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nowyouknow
2025-10-08 17:30:42
(9 months ago)
(From [email protected] ) Hello,,
for your wakespinerehab.com website to be shown in Web Sear ...
show more
(From [email protected] ) Hello,,
for your wakespinerehab.com website to be shown in Web Search Results it needs to be indexed by Search Engines.
Register wakespinerehab.com at https://searchregister.net
show less
Phishing
Web Spam
๐บ๐ธ
TPI-Abuse
2025-02-11 18:21:40
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 65.111.23.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 11 13:21:34.943355 2025] [security2:error] [pid 1447107:tid 1447107] [client 65.111.23.4:43461] [client 65.111.23.4] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||grandpont-house.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "grandpont-house.org"] [uri "/wp-json/wp/v2/users"] [unique_id "Z6uVLhV5sZFtFnTyt6l0nwAAABo"], referer: https://grandpont-house.org
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
hostseries
2024-11-03 02:59:06
(1 year ago)
Trigger: LF_DISTATTACK
Brute-Force