๐ซ๐ท
Dade
2026-06-26 06:18:31
(1 week ago)
Fail2Ban banned 65.111.4.223 for security violations in jail wp-armour. Log: 2026/06/26 06:18:31 [er ...
show more
Fail2Ban banned 65.111.4.223 for security violations in jail wp-armour. Log: 2026/06/26 06:18:31 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 65.111.4.223 | Target: wplogin" , client: 65.111.4.223, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐ซ๐ฎ
as211431.net
2026-05-26 02:07:59
(1 month ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /index.php
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.2 Safari/605.1.15
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฆ๐บ
RedBear IT
2026-03-26 10:00:37
(3 months ago)
"DDoS against public endpoint"
DDoS Attack
Anonymous
2026-03-19 14:28:35
(3 months ago)
Forum/form spam
Web Spam
๐ฌ๐ง
relianoid.com
2026-02-16 05:27:31
(4 months ago)
POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com
Web Spam
๐ณ๐ฑ
homeshowdomain.nl
2026-02-13 22:59:52
(4 months ago)
Auto-ban: >3000 req/min op 2026-02-13
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-02-13 09:04:30
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:04:23.813714 2026] [security2:error] [pid 2686:tid 2686] [client 65.111.4.223:32323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lancemarthaler.com"] [uri "/.env.local"] [unique_id "aY7pF-ld0c9PYkanwROHXgAAACk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-13 06:47:18
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:47:12.187720 2026] [security2:error] [pid 31110:tid 31110] [client 65.111.4.223:10843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kristywernerauthor.com"] [uri "/new/.git/config"] [unique_id "aY7I8BMiul3eMPYrRB9jIgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-13 05:27:08
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:27:03.701434 2026] [security2:error] [pid 13040:tid 13040] [client 65.111.4.223:58507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "knoxvillelimos.com"] [uri "/api/.git/config"] [unique_id "aY62JzdKa2foRgiIuvKA8wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-13 04:58:52
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:58:43.650491 2026] [security2:error] [pid 23158:tid 23158] [client 65.111.4.223:58087] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kletzer.com"] [uri "/frontend/.env"] [unique_id "aY6vg_cDc4a9PY0VuK7g3QAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
bescared
2026-02-12 18:44:14
(4 months ago)
F2B - Malicious activity detected. URL Probing.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-12 17:33:41
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:33:37.662092 2026] [security2:error] [pid 24941:tid 24941] [client 65.111.4.223:41243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bigchus.com"] [uri "/.env"] [unique_id "aY4O8Rdlf__JWOT0QnsrvgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
IROK
2026-02-12 15:54:51
(4 months ago)
Firewall Blocked - Unauthorized Port Scanning
...
Port Scan
๐บ๐ธ
TPI-Abuse
2026-02-12 14:59:05
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 09:58:56.399532 2026] [security2:error] [pid 30908:tid 30908] [client 65.111.4.223:49303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "automationmp.com"] [uri "/.git/config"] [unique_id "aY3qsH0LqhH3bBFV4OMGrwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-12 14:40:11
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.4.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 09:40:06.062263 2026] [security2:error] [pid 1791104:tid 1791104] [client 65.111.4.223:61193] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arsndetx.com"] [uri "/.git/config"] [unique_id "aY3mRgjhCLzpirMczn6F2AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack