πΊπΈ
TPI-Abuse
2026-06-10 08:44:38
(3 hours ago)
(mod_security) mod_security (id:225170) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 04:44:32.296724 2026] [security2:error] [pid 26391:tid 26391] [client 104.207.63.44:54781] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bikinitweets.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bikinitweets.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aikj8IoVYxVXpTOi_sgpNwAAABA"], referer: https://t.co/
show less
Brute-Force
Bad Web Bot
Web App Attack
π±π»
garmtech.com
2026-03-09 01:26:43
(3 months ago)
IM360 WAF: Attempt to upload malware
Hacking
2026-02-11 09:01:00
(3 months ago)
SMS pumping
DDoS Attack
VPN IP
Bad Web Bot
Web App Attack
π¨π¦
SSH-Admin
2026-02-07 17:12:28
(4 months ago)
Probing for Exploits
Exploited Host
Web App Attack
π¨π¦
SSH-Admin
2025-12-27 13:45:08
(5 months ago)
Probing for Exploits
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-10 00:25:07
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 19:25:01.050296 2025] [security2:error] [pid 9418:tid 9418] [client 104.207.63.44:14843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ekur-art.com"] [uri "/.git/HEAD"] [unique_id "aTi93ThG2mKhnjYtCvVouwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-09 22:56:24
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 17:56:19.488849 2025] [security2:error] [pid 21218:tid 21218] [client 104.207.63.44:21309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "villagestoner.com"] [uri "/.svn/wc.db"] [unique_id "aTipE2MBTbq5VOfogx2T3QAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-09 07:06:58
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 02:06:52.412320 2025] [security2:error] [pid 13665:tid 13665] [client 104.207.63.44:49681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thehealthyplaceclayton.com"] [uri "/.git/HEAD"] [unique_id "aTfKjNxw_DzOzEHyhtn5hwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
jjnxpct
2025-12-07 04:54:38
(6 months ago)
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ...
show more
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.aws/credentials (Rule ID: 930130) - Restricted File Access Attempt
show less
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-06 01:07:14
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 20:07:07.655883 2025] [security2:error] [pid 3927:tid 3951] [client 104.207.63.44:23263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coloradomountain.homes"] [uri "/.git/HEAD"] [unique_id "aTOBuwuo3vAuNYGZZH8VHwAAAQc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-05 08:21:07
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 03:21:00.858606 2025] [security2:error] [pid 25372:tid 25372] [client 104.207.63.44:25993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "donalep.com"] [uri "/.git/HEAD"] [unique_id "aTKV7MLYQ0WtjDNNiuC9LgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-04 23:46:39
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 18:45:57.484285 2025] [security2:error] [pid 16529:tid 16529] [client 104.207.63.44:12223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dankent.com"] [uri "/.env"] [unique_id "aTIdNc2HbRcYKnv0MyJzNgAAAHo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2025-10-19 07:43:31
(7 months ago)
Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.19 is noted in report ti ...
show more
Attempted brute force login to web vpn 18 time(s); last attempt for 2025.10.19 is noted in report timestamp
show less
Hacking
Brute-Force
2025-10-18 18:57:46
(7 months ago)
Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.18 is noted in report ti ...
show more
Attempted brute force login to web vpn 72 time(s); last attempt for 2025.10.18 is noted in report timestamp
show less
Hacking
Brute-Force
2025-10-17 22:37:29
(7 months ago)
Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.17 is noted in report ti ...
show more
Attempted brute force login to web vpn 36 time(s); last attempt for 2025.10.17 is noted in report timestamp
show less
Hacking
Brute-Force