๐ซ๐ท
Sklurk
2026-07-09 01:11:15
(3 days ago)
Web App Attack
Web App Attack
๐ซ๐ท
pm33
2026-07-06 10:02:12
(5 days ago)
Wordpress login attempts
Brute-Force
๐ซ๐ท
Sklurk
2026-06-20 03:26:43
(3 weeks ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-21 20:21:56
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 15:21:50.915081 2026] [security2:error] [pid 31296:tid 31296] [client 209.50.179.168:57259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trafficstopper.com"] [uri "/.git/HEAD"] [unique_id "aXE1XsOhB4kLVqu2qAH3NAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
myagent.site
2026-01-20 21:42:56
(5 months ago)
Blocking for trying to access an exploit file: /.env
Hacking
Anonymous
2025-12-30 08:35:33
(6 months ago)
"GET /.aws/credentials HTTP/1.1"
Hacking
Web App Attack
Anonymous
2025-12-29 00:53:55
(6 months ago)
2025-12-29T02:53:55.529117+02:00 zanati wp(www.sahpa.co.za)[398571]: Blocked authentication attempt ...
show more
2025-12-29T02:53:55.529117+02:00 zanati wp(www.sahpa.co.za)[398571]: Blocked authentication attempt for [email protected] from 209.50.179.168
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-09 17:02:39
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 12:02:35.291865 2025] [security2:error] [pid 15752:tid 15752] [client 209.50.179.168:56493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "backyardtossers.com"] [uri "/.git/HEAD"] [unique_id "aThWK11C-E6X9Mxbx79vXgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
myagent.site
2025-12-08 00:17:31
(7 months ago)
Blocking for trying to access an exploit file: /.env
Hacking
๐บ๐ธ
TPI-Abuse
2025-12-07 23:23:20
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 18:23:14.540810 2025] [security2:error] [pid 25961:tid 25961] [client 209.50.179.168:40235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abilityengraving.com"] [uri "/.env"] [unique_id "aTYMYnvFvfhxANNFUrnzPQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-07 13:56:22
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 08:56:19.601609 2025] [security2:error] [pid 21286:tid 21286] [client 209.50.179.168:36381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lemoulinavent.org"] [uri "/.git/HEAD"] [unique_id "aTWHg65QnmKS_LeF_lH98QAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-07 12:52:41
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 07:52:34.151229 2025] [security2:error] [pid 23872:tid 23872] [client 209.50.179.168:44063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "delawaremade.org"] [uri "/.svn/wc.db"] [unique_id "aTV4kqYRUqS-A7Ub9SivqAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-06 12:28:08
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 07:28:03.091161 2025] [security2:error] [pid 306:tid 306] [client 209.50.179.168:26369] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garbothemusical.net"] [uri "/.svn/wc.db"] [unique_id "aTQhU8cBXRisq5KTOPpFpwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-05 11:45:33
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.179.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 06:45:26.595230 2025] [security2:error] [pid 15031:tid 15031] [client 209.50.179.168:27961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "travelswithfriends.com"] [uri "/.svn/wc.db"] [unique_id "aTLF1mBKaQ2RpLdgaMDaEgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
2000cn.com.au
2025-12-05 03:14:31
(7 months ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Hacking
Web App Attack