๐บ๐ธ
--KBXX--
2026-07-10 23:01:54
(5 days ago)
bfa, m365
Brute-Force
๐ง๐ช
voormedia
2026-04-20 12:44:35
(2 months ago)
Accessed trap at '/wp-login.php'
Web App Attack
๐ณ๐ฑ
i-turnradio.nl
2026-04-07 22:41:40
(3 months ago)
2026-04-08 00:41:40 (CET) ~ Blocked by abusescan risk assessment
Web App Attack
๐จ๐ญ
Origon
2026-02-19 02:09:29
(4 months ago)
http-sensitive-files - IP: 104.167.19.28 - time="2026-02-19T03:09:29+01:00" level=info msg="(555f66 ...
show more
http-sensitive-files - IP: 104.167.19.28 - time="2026-02-19T03:09:29+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.167.19.28 (US/200373) : 4h ban on Ip 104.167.19.28" module=db
show less
Web App Attack
๐ณ๐ฑ
MM-bot
2026-02-18 22:50:13
(4 months ago)
URL-probe: HTTP/1.1 GET request on /app/.env (2026-02-18 23:50:13 UTC+1)
Web App Attack
Hacking
๐บ๐ธ
mnsf
2026-02-18 18:05:56
(4 months ago)
Too many Status 40X (12)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐ง๐ช
DrLex0
2026-01-09 05:46:31
(6 months ago)
Suspect single hit only to guestbook page prohibited by robots.txt, from multiple IPs in the same ra ...
show more
Suspect single hit only to guestbook page prohibited by robots.txt, from multiple IPs in the same ranges owned by DREI-K-TECH-GMBH, DE
show less
Bad Web Bot
๐ฉ๐ช
Packets-Decreaser.NET
2025-12-29 14:01:09
(6 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
Anonymous
2025-12-23 19:25:47
(6 months ago)
wordpress-trap
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 10:47:53
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.167.19.28 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.167.19.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:47:48.705482 2025] [security2:error] [pid 12316:tid 12316] [client 104.167.19.28:59239] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.youthriskbehaviorbook.com"] [uri "/.svn/wc.db"] [unique_id "aSba1FTQLZCCTmbMiOvrSQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 05:52:05
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.167.19.28 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.167.19.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:52:02.336519 2025] [security2:error] [pid 3538474:tid 3538629] [client 104.167.19.28:25779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.humanresourcescertification.org.aafm.us"] [uri "/.svn/wc.db"] [unique_id "aSaVgl3wcnJA0sU4fUskUAAAAkU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 05:04:24
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.167.19.28 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.167.19.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:04:19.020889 2025] [security2:error] [pid 24297:tid 24297] [client 104.167.19.28:26003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.nealandmichaeledesign.com"] [uri "/.svn/wc.db"] [unique_id "aSaKUyUkmBsYQzHot593fgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 03:11:35
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.167.19.28 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.167.19.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:11:29.800332 2025] [security2:error] [pid 10825:tid 10825] [client 104.167.19.28:46985] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thomaschemicals.com"] [uri "/.git/HEAD"] [unique_id "aSUeYZugWa1DfwII-J8x6AAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-11-14 12:50:28
(8 months ago)
This IP was involved in a brute force and password spray attack.
Brute-Force
Web App Attack
๐ฌ๐ง
D3monite
2025-10-27 09:53:34
(8 months ago)
Attempted Brute Force (cpaneld)
Brute-Force