๐บ๐ธ
gu-alvareza
2026-06-30 07:05:48
(2 days ago)
Web.Server.Password.File.Access
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-30 01:51:19
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 172.69.251.172 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.251.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 21:51:12.544747 2026] [security2:error] [pid 8134:tid 8134] [client 172.69.251.172:10157] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||web92.dnchosting.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "web92.dnchosting.com"] [uri "/yarn-debug.log"] [unique_id "akMhEJ_0Y2vU-JDEo_Y8jwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 01:35:08
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 172.69.251.172 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.251.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 21:35:03.772157 2026] [security2:error] [pid 28261:tid 28261] [client 172.69.251.172:11764] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web202.dnchosting.com"] [uri "/.htaccess"] [unique_id "akMdR0O90XbTpl8Jj_EeHAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Antinson
2026-06-28 07:06:26
(4 days ago)
High error rate and elevated request volume targeting cPanel servers
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-28 03:32:47
(4 days ago)
(mod_security) mod_security (id:949110) triggered by 172.69.251.172 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 172.69.251.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 23:32:42.249964 2026] [security2:error] [pid 20739:tid 20739] [client 172.69.251.172:9365] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "theshitmydadsays.com"] [uri "/tox.ini"] [unique_id "akCV2v1sm96BoITB3lvw2wAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐น
Information Security
2026-06-27 03:28:44
(5 days ago)
Web App Attack
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-26 03:45:58
(6 days ago)
172.69.251.172 - - [26/Jun/2026:06:45:57 +0300] "GET /etc/passwd HTTP/1.1" 404 787 "-" "Mozilla/5.0 ...
show more
172.69.251.172 - - [26/Jun/2026:06:45:57 +0300] "GET /etc/passwd HTTP/1.1" 404 787 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
172.69.251.172 - - [26/Jun/2026:06:45:57 +0300] "GET /etc/passwd HTTP/1.1" 404 765 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 22:12:00
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.69.251.172 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.251.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 18:11:53.387402 2026] [security2:error] [pid 13640:tid 13640] [client 172.69.251.172:9995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "intrinsicreef.com"] [uri "/.htaccess"] [unique_id "ajsEqdxbzsHsHB6jSEYL6QAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-21 02:57:54
(1 week ago)
172.69.251.172 - - [21/Jun/2026:05:57:54 +0300] "GET /etc/passwd HTTP/1.1" 404 761 "-" "Mozilla/5.0 ...
show more
172.69.251.172 - - [21/Jun/2026:05:57:54 +0300] "GET /etc/passwd HTTP/1.1" 404 761 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
172.69.251.172 - - [21/Jun/2026:05:57:54 +0300] "GET /etc/passwd HTTP/1.1" 404 761 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-19 16:32:44
(1 week ago)
172.69.251.172 - - [19/Jun/2026:19:32:42 +0300] "GET /etc/passwd HTTP/1.1" 404 3332 "-" "Mozilla/5.0 ...
show more
172.69.251.172 - - [19/Jun/2026:19:32:42 +0300] "GET /etc/passwd HTTP/1.1" 404 3332 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-19 15:24:40
(1 week ago)
172.69.251.172 - - [19/Jun/2026:18:24:39 +0300] "GET /etc/passwd HTTP/1.1" 404 757 "-" "Mozilla/5.0 ...
show more
172.69.251.172 - - [19/Jun/2026:18:24:39 +0300] "GET /etc/passwd HTTP/1.1" 404 757 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
172.69.251.172 - - [19/Jun/2026:18:24:40 +0300] "GET /etc/passwd HTTP/1.1" 404 779 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ซ๐ท
Lunix
2026-06-19 12:02:46
(1 week ago)
Brute-Force
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-18 04:10:04
(2 weeks ago)
172.69.251.172 - - [18/Jun/2026:07:09:23 +0300] "GET /etc/passwd HTTP/1.1" 404 788 "-" "Mozilla/5.0 ...
show more
172.69.251.172 - - [18/Jun/2026:07:09:23 +0300] "GET /etc/passwd HTTP/1.1" 404 788 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
172.69.251.172 - - [18/Jun/2026:07:10:03 +0300] "GET /etc/passwd HTTP/1.1" 404 766 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 03:36:30
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.69.251.172 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.251.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 23:36:27.296153 2026] [security2:error] [pid 13447:tid 13447] [client 172.69.251.172:9902] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "compassionfatigue.org"] [uri "/.htaccess"] [unique_id "ajNnu03GT_BV5A6bmdvcWwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-17 08:35:43
(2 weeks ago)
Aggressive web scan
Web App Attack