πΊπΈ
myagent.site
2026-02-15 11:52:55
(3 months ago)
Blocking for trying to access an exploit file: /app/.git/config
Hacking
π¨π
Origon
2026-02-15 05:37:23
(3 months ago)
http-sensitive-files - IP: 216.26.227.27 - time="2026-02-15T06:37:23+01:00" level=info msg="(555f66 ...
show more
http-sensitive-files - IP: 216.26.227.27 - time="2026-02-15T06:37:23+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 216.26.227.27 (US/200373) : 4h ban on Ip 216.26.227.27" module=db
show less
Web App Attack
πΊπΈ
jcbriar
2026-02-15 03:56:31
(3 months ago)
Searching for vulnerable scripts
Hacking
Web App Attack
π«π·
dynamix
2026-02-15 02:01:59
(3 months ago)
Multiple WAF Violations
Web App Attack
πΊπΈ
mnsf
2026-02-14 23:05:49
(3 months ago)
Scanning/Probing (24)
Brute-Force
Web App Attack
πΊπΈ
nowyouknow
2025-12-30 03:40:43
(5 months ago)
(From [email protected] ) Hello,
My name is Charlotte Douglas, and I re ...
show more
(From [email protected] ) Hello,
My name is Charlotte Douglas, and I represent Coastal Electric Services. We are currently evaluating potential partners for an upcoming opportunity and would like to confirm the following:
β’ Your availability to support new projects in Q1 2026
β’ Your interest in receiving additional project details
Once we have confirmed both availability and interest, we will provide the project scope and further information.
Thank you for your time. We look forward to hearing from you.
Best regards,
Charlotte Douglas
Project Executive
show less
Phishing
Web Spam
π©πͺ
Packets-Decreaser.NET
2025-12-29 14:01:48
(5 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
πΊπΈ
TPI-Abuse
2025-12-10 22:16:34
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 17:16:29.184331 2025] [security2:error] [pid 18616:tid 18616] [client 216.26.227.27:35381] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.fadcometal.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fadcometal.com"] [uri "/mailto:[email protected] "] [unique_id "aTnxPQZKHQSVZo4rsb8AXAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-25 07:47:34
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 02:47:29.593412 2025] [security2:error] [pid 28792:tid 28792] [client 216.26.227.27:58537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fitnessgearmagazine.com"] [uri "/.svn/wc.db"] [unique_id "aSVfEZud2iWTjLBzgefpGQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-24 09:40:15
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:40:10.285413 2025] [security2:error] [pid 243930:tid 244033] [client 216.26.227.27:13143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boatservicesgroup.com"] [uri "/.git/HEAD"] [unique_id "aSQn-iGfGLJwz49-AzKNEgAAAJM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-24 08:26:17
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:26:14.324833 2025] [security2:error] [pid 10063:tid 10063] [client 216.26.227.27:52199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barreda.org"] [uri "/.git/HEAD"] [unique_id "aSQWpk0q-68HitA6Qr1XDgAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-24 06:46:50
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:46:47.357261 2025] [security2:error] [pid 25163:tid 25163] [client 216.26.227.27:34487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.batonrougecustomcabinets.com"] [uri "/.git/HEAD"] [unique_id "aSP_VyRIsT8Q50Xn_0D7OAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-24 04:28:03
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.227.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:27:59.084996 2025] [security2:error] [pid 28329:tid 28329] [client 216.26.227.27:56027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.desertvacationvillas.com"] [uri "/.env"] [unique_id "aSPez2n2tR80H6N4pyemCgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
ππΊ
bcsaba
2025-10-30 09:13:31
(7 months ago)
CMS (WordPress or Joomla) login attempt.
216.26.227.27 - - [30/Oct/2025:10:13:27 +0100] "POST /wp-lo ...
show more
CMS (WordPress or Joomla) login attempt.
216.26.227.27 - - [30/Oct/2025:10:13:27 +0100] "POST /wp-login.php HTTP/1.1" 200 11063 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0"
show less
Hacking
Brute-Force
Web App Attack
π¨π¦
wil.com
2025-10-29 02:36:20
(7 months ago)
GlobalProtect login attempts with user hkonior.
VPN IP
Brute-Force