๐ซ๐ท
Sklurk
2026-07-08 01:35:15
(2 days ago)
Web App Attack
Web App Attack
๐ซ๐ท
Sklurk
2026-06-20 02:51:16
(2 weeks ago)
Web App Attack
Web App Attack
๐ฌ๐ง
PeravixGroup
2026-06-09 21:15:03
(1 month ago)
Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ...
show more
Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud
show less
Hacking
Exploited Host
๐ซ๐ท
pm33
2026-05-30 13:47:13
(1 month ago)
Wordpress login attempts
Brute-Force
๐ฒ๐ฝ
octageeks.com
2026-05-29 04:12:18
(1 month ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack
๐ฉ๐ช
LRob
2026-05-28 06:30:07
(1 month ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
Anonymous
2026-05-26 06:50:12
(1 month ago)
[osotir.org] httpd-login-spray-site: sites=osotir.org; logs=/var/log/httpd/domains/osotir.org.log; s ...
show more
[osotir.org] httpd-login-spray-site: sites=osotir.org; logs=/var/log/httpd/domains/osotir.org.log; samples=site_wide=true | distinct_ips=29 | /wp-login.php
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-08 14:01:33
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 09:01:29.889739 2025] [security2:error] [pid 16943:tid 16943] [client 216.26.239.89:44707] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "showaddx.com"] [uri "/.git/HEAD"] [unique_id "aTbaOUs475dqQI9vduYkPgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-08 10:04:07
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 08 05:04:02.373986 2025] [security2:error] [pid 28865:tid 28865] [client 216.26.239.89:33315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bosdkbook.com"] [uri "/.svn/wc.db"] [unique_id "aTaiktQjMA4vJy8B1-5d-AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-06 11:52:22
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:52:19.552799 2025] [security2:error] [pid 18556:tid 18556] [client 216.26.239.89:28567] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "groux.net"] [uri "/.svn/wc.db"] [unique_id "aTQY8340AsizCOGSyEBN5wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-05 14:23:50
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 09:23:47.178911 2025] [security2:error] [pid 1897:tid 1897] [client 216.26.239.89:42565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bud-stl.com"] [uri "/.git/HEAD"] [unique_id "aTLq8y2uaRHK4G1mzWL-tQAAAC0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-05 06:35:26
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:35:19.847172 2025] [security2:error] [pid 25604:tid 25624] [client 216.26.239.89:56491] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tusappsonline.com"] [uri "/.env"] [unique_id "aTJ9J5j7o2nNVMhsi-9V4AAAAJI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-05 01:26:28
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.239.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 20:26:24.990414 2025] [security2:error] [pid 30872:tid 30872] [client 216.26.239.89:11607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thomaschemical.com"] [uri "/.svn/wc.db"] [unique_id "aTI0wKe3jrBrbRwG1wB7uAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-11-02 20:50:55
(8 months ago)
This IP was involved in an brute force and password spray attack on 2025/11/02 07:26:33
Port Scan
Brute-Force
Exploited Host
Web App Attack
๐ซ๐ท
applemooz
2025-11-01 12:02:08
(8 months ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack