๐บ๐ธ
oncord
2026-03-05 22:12:51
(3 months ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2025-12-27 20:38:28
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 15:38:23.042652 2025] [security2:error] [pid 32638:tid 32638] [client 209.50.165.74:12459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alexissteinrauf.com"] [uri "/.svn/wc.db"] [unique_id "aVBDvxNhXMSIzRGVsIQ3gwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 17:51:01
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 12:50:53.466215 2025] [security2:error] [pid 23637:tid 23637] [client 209.50.165.74:49289] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "loneoakhoney.com"] [uri "/.svn/wc.db"] [unique_id "aVAcfUR7QJmqBN73kdjZzQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-12-26 05:20:14
(6 months ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐ฎ๐น
VHosting
2025-12-23 20:00:25
(6 months ago)
Detected attack and reported by a human
DDoS Attack
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
SSH
Anonymous
2025-12-06 21:36:40
(6 months ago)
botnet
DDoS Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:55:23
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:55:14.377360 2025] [security2:error] [pid 23704:tid 23704] [client 209.50.165.74:45493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.uglykid.net"] [uri "/.git/HEAD"] [unique_id "aSQdctEAa6SH7yBibyk7SAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 05:46:26
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:45:20.141139 2025] [security2:error] [pid 3088:tid 3088] [client 209.50.165.74:21231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.fables4teenagers.com"] [uri "/.env"] [unique_id "aSPw8B6xIR1QBzQbXObxEQAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 04:58:35
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:58:28.796734 2025] [security2:error] [pid 5170:tid 5190] [client 209.50.165.74:46279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.potonthefire.andyboynton.com"] [uri "/.svn/wc.db"] [unique_id "aSPl9OQIVFuTkiCAsDT56AAAAVE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 04:33:02
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.165.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:47.112520 2025] [security2:error] [pid 28174:tid 28174] [client 209.50.165.74:15005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.drstiso.com"] [uri "/.env"] [unique_id "aSPf7yCAaVaJoHc7hl4LigAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-10-29 08:44:41
(8 months ago)
This IP was involved in a brute force and password spray attack.
Brute-Force
Web App Attack
๐ฎ๐น
Rosh
2025-10-26 17:23:02
(8 months ago)
[10/26/25 18:23:02] SSH: authentication failure
Brute-Force
SSH
๐ง๐ท
hostseries
2025-10-25 03:18:25
(8 months ago)
Trigger: LF_DISTATTACK
Brute-Force
๐จ๐ฆ
wil.com
2025-10-14 01:58:56
(8 months ago)
GlobalProtect login attempts with user schoemij.
VPN IP
Brute-Force
Anonymous
2025-10-07 12:30:53
(8 months ago)
Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.07 is noted in report tim ...
show more
Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.07 is noted in report timestamp
show less
Hacking
Brute-Force