πΊπΈ
factor1
2026-07-05 23:35:25
(16 hours ago)
Fail2ban at saturn Reports Abuse.
Brute-Force
Web App Attack
πΊπΈ
dtorrer
2026-07-01 16:55:39
(4 days ago)
Brute-force general attack.
Brute-Force
π²π½
octageeks.com
2026-06-28 04:15:22
(1 week ago)
Wordpress malicious attack:[octaflood]
Web App Attack
π³π±
i-turnradio.nl
2026-04-09 15:57:31
(2 months ago)
2026-04-09 @ 17:57:31 (CET) ~ Blocked for trying to access: /xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-21 06:24:29
(5 months ago)
(mod_security) mod_security (id:212620) triggered by 216.26.244.109 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:212620) triggered by 216.26.244.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 01:24:20.117506 2026] [security2:error] [pid 26489:tid 26489] [client 216.26.244.109:28205] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "3"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||www.citizensforsanity.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /?page_id=<script>alert('xss')</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.citizensforsanity.com"] [uri "/"] [unique_id "aXBxFO9looI4N7rAGm7x9AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
backslash
2025-12-13 10:10:02
(6 months ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
πΊπΈ
TPI-Abuse
2025-11-24 05:22:44
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.244.109 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.244.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:22:38.813090 2025] [security2:error] [pid 27930:tid 27930] [client 216.26.244.109:26529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.engelhardtkraatz.com"] [uri "/.env"] [unique_id "aSPrnqlhAgaHfZJkioEDSAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-24 04:57:05
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.244.109 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.244.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:57:02.242626 2025] [security2:error] [pid 5102:tid 5118] [client 216.26.244.109:52295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.prominentregroup.com"] [uri "/.svn/wc.db"] [unique_id "aSPlniR4b9K7bCaDrEcb2QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-24 04:32:56
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.244.109 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.244.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:32:49.228933 2025] [security2:error] [pid 20829:tid 20829] [client 216.26.244.109:21729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.shannonmahoney.com"] [uri "/.git/HEAD"] [unique_id "aSPf8ZlHctTfF5RD6PYp-AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
Packets-Decreaser.NET
2025-10-07 17:14:02
(8 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam