๐บ๐ธ
--KBXX--
2026-07-10 23:01:54
(4 days ago)
bfa, m365
Brute-Force
๐ซ๐ท
Sklurk
2026-07-07 17:30:49
(1 week ago)
Web App Attack
Web App Attack
๐ซ๐ท
Sklurk
2026-06-20 03:11:42
(3 weeks ago)
Web App Attack
Web App Attack
๐ฆ๐บ
RedBear IT
2026-03-26 10:00:37
(3 months ago)
"DDoS against public endpoint"
DDoS Attack
Anonymous
2025-12-13 09:33:28
(7 months ago)
botnet
DDoS Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 06:29:13
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:29:05.648380 2025] [security2:error] [pid 32007:tid 32007] [client 216.26.231.228:13127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.officechristmascards.com"] [uri "/.svn/wc.db"] [unique_id "aSVMsSYi3JvRhXIDZVfvnwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 04:40:16
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:40:07.696466 2025] [security2:error] [pid 14356:tid 14356] [client 216.26.231.228:54921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.ridgecrestrealtors.com"] [uri "/.env"] [unique_id "aSUzJ2DbrDWkEgx9GeSS8AAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 04:17:42
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:17:38.928699 2025] [security2:error] [pid 28419:tid 28419] [client 216.26.231.228:18775] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ea2cdy.belintxon.com"] [uri "/.env"] [unique_id "aSUt4siDaar7eDoqtWk2MwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 03:47:10
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:46:55.539044 2025] [security2:error] [pid 12593:tid 12593] [client 216.26.231.228:9197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.compmansys.com"] [uri "/.env"] [unique_id "aSUmr2zCQ5KY5p4TU9gadQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 03:10:05
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:09:59.205940 2025] [security2:error] [pid 30995:tid 30995] [client 216.26.231.228:33137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.billdavidow.com"] [uri "/.git/HEAD"] [unique_id "aSUeB02ndUVR04UTxoc8twAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 02:47:15
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:47:10.426010 2025] [security2:error] [pid 693090:tid 693090] [client 216.26.231.228:31435] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.mitchellart.com"] [uri "/.svn/wc.db"] [unique_id "aSUYrtsEr3UO1SQmyhHhbQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 02:21:27
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:21:21.073324 2025] [security2:error] [pid 2318:tid 2318] [client 216.26.231.228:10175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.80corvette.com"] [uri "/.git/HEAD"] [unique_id "aSUSoZICUPAR1mi_86ASggAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 01:05:29
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:05:20.305857 2025] [security2:error] [pid 29488:tid 29488] [client 216.26.231.228:12257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.lajoyadelmar.net"] [uri "/.env"] [unique_id "aSUA0KCFUqOtByaXFPthRwAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-11-14 10:03:03
(8 months ago)
This IP was involved in a brute force and password spray attack.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-07 00:02:20
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 216.26.231.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 06 19:02:12.733837 2025] [security2:error] [pid 15655:tid 15655] [client 216.26.231.228:13897] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||esad.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "esad.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ03BDBx198ivwCCv8sVCAAAAAE"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack