๐ฆ๐บ
RedBear IT
2026-03-26 10:00:37
(2 months ago)
"DDoS against public endpoint"
DDoS Attack
๐ฌ๐ง
openstrike.co.uk
2026-02-16 06:13:06
(3 months ago)
12 attacks on VC URLs, password grabbing URLs, env grabbing URLs:
GET /api/.git/config HTTP/1.1
GET ...
show more
12 attacks on VC URLs, password grabbing URLs, env grabbing URLs:
GET /api/.git/config HTTP/1.1
GET /.aws/credentials HTTP/1.1
GET /config/.env HTTP/1.1
show less
Hacking
2026-02-15 13:18:45
(3 months ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐ณ๐ฑ
MM-bot
2026-02-15 12:35:28
(3 months ago)
URL-probe: HTTP/1.1 GET request on /wp/.git/config (2026-02-15 13:35:28 UTC+1)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 12:19:22
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:19:15.004567 2026] [security2:error] [pid 20627:tid 20627] [client 104.207.57.250:60243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qualtacon.com"] [uri "/wp/.git/config"] [unique_id "aZG5wz4Z67FHQPGMMRfR0QAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 11:31:06
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:31:01.636594 2026] [security2:error] [pid 30259:tid 30259] [client 104.207.57.250:36373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ozera.com"] [uri "/frontend/.env"] [unique_id "aZGudQBLBVLUkh7Ed2qXiAAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
DocNetzwerk
2026-02-15 10:57:00
(3 months ago)
(mod_security) mod_security triggered on hostname [redacted] 104.207.57.250 (DE/Germany/-)
SQL Injection
๐ฉ๐ช
big-cloud.nl
2026-02-15 06:45:43
(3 months ago)
Try to access /app/.env
Web App Attack
๐บ๐ธ
mnsf
2026-02-15 06:07:29
(3 months ago)
Too many Status 40X (12)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐จ๐ญ
Origon
2026-02-15 05:54:15
(3 months ago)
http-sensitive-files - IP: 104.207.57.250 - time="2026-02-15T06:54:15+01:00" level=info msg="(555f6 ...
show more
http-sensitive-files - IP: 104.207.57.250 - time="2026-02-15T06:54:15+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.57.250 (DE/200373) : 4h ban on Ip 104.207.57.250" module=db
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 05:35:52
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:35:46.955262 2026] [security2:error] [pid 22104:tid 22130] [client 104.207.57.250:59967] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "priyom.us"] [uri "/wp/.git/config"] [unique_id "aZFbMpdbqspsQW1awXA_-QAAAVM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 03:52:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:52:34.790154 2026] [security2:error] [pid 26546:tid 26546] [client 104.207.57.250:30655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "salazartransfers.com"] [uri "/new/.git/config"] [unique_id "aZFDAn_JsiTTiGgV6osrrgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 02:42:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:42:29.770670 2026] [security2:error] [pid 6270:tid 6270] [client 104.207.57.250:11205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pluscures.com"] [uri "/admin/.git/config"] [unique_id "aZEylYvJQQyxaTGBB1VILgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 02:22:30
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:22:23.213797 2026] [security2:error] [pid 30642:tid 30642] [client 104.207.57.250:13783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rudiscreations.org"] [uri "/.env"] [unique_id "aZEt3wUwv09461rm2ONSdAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 01:56:13
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:56:07.844406 2026] [security2:error] [pid 3713:tid 3713] [client 104.207.57.250:30811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "network22.net"] [uri "/backup/.git/config"] [unique_id "aZEnt7q9HwgY_hH2cGUX0wAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack