๐ซ๐ท
LRob
2026-07-06 05:42:54
(15 hours ago)
CrowdSec: crowdsecurity/http-wordpress-scan | req: ["/wp-content/plugins/brizy/readme.txt","/wp-cont ...
show more
CrowdSec: crowdsecurity/http-wordpress-scan | req: ["/wp-content/plugins/brizy/readme.txt","/wp-content/plugins/wp-automatic/readme.txt","/wp-content/plugins/gravityforms/readme.txt","/wp-content/plugins/essential-addons-for-elementor-lite/readme.txt"] | UA: ["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"]
show less
Web App Attack
๐ฎ๐น
VHosting
2025-12-24 04:50:30
(6 months ago)
Detected attack and reported by a human
DDoS Attack
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2025-12-02 22:22:14
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:22:06.334097 2025] [security2:error] [pid 13809:tid 13809] [client 216.26.253.154:60345] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "21north.com"] [uri "/.env"] [unique_id "aS9mjp5P_qtnrv6_99lqWgAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 19:15:37
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:15:31.887314 2025] [security2:error] [pid 7217:tid 7217] [client 216.26.253.154:14021] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "citystreetsalon.com"] [uri "/.svn/wc.db"] [unique_id "aS8601siR7Ff6ywbfCt3BgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 18:34:26
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 13:34:19.696158 2025] [security2:error] [pid 22651:tid 22708] [client 216.26.253.154:45617] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "missmadlove.com"] [uri "/.svn/wc.db"] [unique_id "aS8xK3l98EkaO0lQkbEL8AAAAZg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 15:18:26
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 10:18:19.384703 2025] [security2:error] [pid 9240:tid 9240] [client 216.26.253.154:18045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sirreelpictures.com"] [uri "/.git/HEAD"] [unique_id "aS8DO3b51Db9L6XeUq7ocgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 05:58:31
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:58:25.404855 2025] [security2:error] [pid 14832:tid 14832] [client 216.26.253.154:13947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cestcaryntravel.com"] [uri "/.git/HEAD"] [unique_id "aS6AAS1hky0y_CTLMW4h3gAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 04:08:26
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.26.253.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:08:21.071905 2025] [security2:error] [pid 12690:tid 12690] [client 216.26.253.154:50949] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "styxtake2.com"] [uri "/.env"] [unique_id "aS5mNeqV1iE_UmNILjry6AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-11-02 15:03:13
(8 months ago)
This IP was involved in an brute force and password spray attack on 2025/11/02 07:29:53
Port Scan
Brute-Force
Exploited Host
Web App Attack