๐ซ๐ท
Sklurk
2026-07-07 15:20:47
(5 days ago)
Web App Attack
Web App Attack
๐ต๐น
Subnet Phantom Veil
2026-07-05 10:33:49
(1 week ago)
[Security Alert] Targeted scanning for WordPress vulnerabilities has been detected. Access automatic ...
show more
[Security Alert] Targeted scanning for WordPress vulnerabilities has been detected. Access automatically blocked, and the IP Address banned. [Method]: => GET. [Request]: => /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings. Access revoked. [User-Agent]: curl/8.7.1. [OS]: Unknown. [IP Address]: 216.26.224.39. [Date]: 2026-07-05 11:21:48 UTC.
show less
Bad Web Bot
Hacking
Port Scan
Web App Attack
๐บ๐ธ
ph
2026-06-27 22:06:11
(2 weeks ago)
Bad web bot attempting to run wp-json on non-WP site
Hacking
Bad Web Bot
Web App Attack
๐จ๐ฆ
Blinker73
2026-03-27 02:00:34
(3 months ago)
216.26.224.39 - - [26/Mar/2026:22:00:29 -0400] "GET /.env.save HTTP/1.1" 301 162 "-" "Mozilla/5.0 (W ...
show more
216.26.224.39 - - [26/Mar/2026:22:00:29 -0400] "GET /.env.save HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
show less
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-03-27 01:41:43
(3 months ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐ง๐ท
Halux
2026-03-27 00:37:11
(3 months ago)
216.26.224.39 Probing protected path or service
Web App Attack
๐จ๐ญ
backslash
2026-01-29 06:30:04
(5 months ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ฌ๐ง
openstrike.co.uk
2025-12-03 08:01:45
(7 months ago)
9 packets to port 2083
Port Scan
๐บ๐ธ
TPI-Abuse
2025-11-24 09:00:42
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:00:35.194486 2025] [security2:error] [pid 30974:tid 30974] [client 216.26.224.39:49045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bhartman.com"] [uri "/.env"] [unique_id "aSQes28eOQ1-tmXRxVcRZQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:17:36
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:17:21.077509 2025] [security2:error] [pid 31011:tid 31011] [client 216.26.224.39:19453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.todddavis.net"] [uri "/.svn/wc.db"] [unique_id "aSQUkQVpMAmbmQw4cr_SGQAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 05:41:06
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:41:00.207680 2025] [security2:error] [pid 7668:tid 7668] [client 216.26.224.39:16481] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.jeanlouisdarville.com"] [uri "/.git/HEAD"] [unique_id "aSPv7NFYDEIZaI55gL_U2gAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 04:30:16
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:29:45.098367 2025] [security2:error] [pid 13555:tid 13555] [client 216.26.224.39:29973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.allseniorsolutions.com"] [uri "/.env"] [unique_id "aSPfOUBQZVfJFEeqJ27hhQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 03:46:10
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 22:45:59.213530 2025] [security2:error] [pid 23364:tid 23364] [client 216.26.224.39:31395] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.healthmarkcounseling.com"] [uri "/.git/HEAD"] [unique_id "aSPU9-yw_8xS76UQTMYqLQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-15 08:19:18
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 03:19:11.228076 2025] [security2:error] [pid 8717:tid 8717] [client 216.26.224.39:36835] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ironheadsofseo.com"] [uri "/.env"] [unique_id "aRg3f3D8x4xPCbKAGfkkLAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-30 05:03:10
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 216.26.224.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 30 01:03:02.937122 2025] [security2:error] [pid 24090:tid 24090] [client 216.26.224.39:9779] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||encoremtmorris.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "encoremtmorris.com"] [uri "/mailto:[email protected] "] [unique_id "aQLxho4PRicf2WU117IZXAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack