π¨π¦
kmok
2026-07-08 14:00:00
(2 days ago)
Multiple Sign in attempts on a user account while the user is physically in office at Vancouver, BC ...
show more
Multiple Sign in attempts on a user account while the user is physically in office at Vancouver, BC Canada.
show less
Brute-Force
π¦πΊ
RedBear IT
2026-03-26 10:00:37
(3 months ago)
"DDoS against public endpoint"
DDoS Attack
πΊπΈ
mnsf
2026-02-19 15:05:31
(4 months ago)
Scanning/Probing (23)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-19 05:35:32
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 00:35:28.629891 2026] [security2:error] [pid 21087:tid 21087] [client 65.111.31.131:10099] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ktnwassociatesinc.com"] [uri "/api/.git/config"] [unique_id "aZahIBD4YhWhoGE7LijFqAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-19 02:27:51
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:27:48.069740 2026] [security2:error] [pid 6358:tid 6358] [client 65.111.31.131:27151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kbalan.com"] [uri "/.env.save"] [unique_id "aZZ1JPJte1E_9DcYFHpYtgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-19 01:48:15
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 20:48:08.008942 2026] [security2:error] [pid 9829:tid 9829] [client 65.111.31.131:51049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karieva.com"] [uri "/.env.save"] [unique_id "aZZr2KuAQV706CIWS_XXkwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§πͺ
cmbplf
2026-02-19 00:34:23
(4 months ago)
165 requests with url.path */.git/config
Brute-Force
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-02-19 00:31:46
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:31:41.828611 2026] [security2:error] [pid 1704039:tid 1704049] [client 65.111.31.131:41741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vote4joegardner.com"] [uri "/backend/.env"] [unique_id "aZZZ7ZoaRHSTQkGyepItIQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-18 20:22:14
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:22:07.537350 2026] [security2:error] [pid 21199:tid 21199] [client 65.111.31.131:21545] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "treadbox.net"] [uri "/.env.staging"] [unique_id "aZYfbxNZmW7b2lOSqCJPRAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-02-18 20:08:49
(4 months ago)
Multiple WAF Violations
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-18 19:59:46
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:59:41.446406 2026] [security2:error] [pid 18566:tid 18566] [client 65.111.31.131:14109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "towermedia.net"] [uri "/.git/config"] [unique_id "aZYaLdkuPuzdCqPoTo3zOgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-18 17:30:47
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 12:30:39.990789 2026] [security2:error] [pid 6628:tid 6655] [client 65.111.31.131:22621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zoomtexas.com"] [uri "/.env"] [unique_id "aZX3P80TMgdrghxRxAtZCAAAAVQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
iNetWorker
2026-02-18 17:20:39
(4 months ago)
trolling for resource vulnerabilities
Web App Attack
πΊπΈ
mnsf
2026-02-18 14:06:15
(4 months ago)
Too many Status 40X (12)
Scanning/Probing (12)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-18 13:19:42
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.31.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 08:19:39.339939 2026] [security2:error] [pid 1269653:tid 1269653] [client 65.111.31.131:18217] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "williamfitzsimmons.com"] [uri "/v2/.git/config"] [unique_id "aZW8a4OIrKua5efYW4K-7wAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack