๐ซ๐ท
Sklurk
2026-07-08 00:57:11
(7 hours ago)
Web App Attack
Web App Attack
๐ช๐ธ
librebit
2026-06-24 03:36:50
(2 weeks ago)
Brute force
Brute-Force
Anonymous
2026-04-12 05:51:21
(2 months ago)
Attempt to scan vulnerabilities
Hacking
๐ฆ๐บ
RedBear IT
2026-03-26 10:00:37
(3 months ago)
"DDoS against public endpoint"
DDoS Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 21:11:50
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.6.217 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.6.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 16:11:45.372155 2025] [security2:error] [pid 3421:tid 3421] [client 65.111.6.217:37593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kimpitchellandassociatesinc.com"] [uri "/.env"] [unique_id "aS9WESLii5-I1RK6T0k_cgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 19:23:47
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.6.217 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.6.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 14:23:39.634480 2025] [security2:error] [pid 32090:tid 32090] [client 65.111.6.217:31719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "olgapottery.com"] [uri "/.git/HEAD"] [unique_id "aS88u3VHnobbRCtxgnZyTwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 10:15:08
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.6.217 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.6.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 05:15:00.156663 2025] [security2:error] [pid 16077:tid 16077] [client 65.111.6.217:57771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ballantinepaintinganddrywall.com"] [uri "/.env"] [unique_id "aS68JD3l6vIEv56nbnW3uwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 05:22:01
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.6.217 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.6.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 00:21:53.831315 2025] [security2:error] [pid 194525:tid 194542] [client 65.111.6.217:9995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dermatologistcoloradosprings.com"] [uri "/.env"] [unique_id "aS53cVXB52HMSZ5lzSkQ_QAAAMQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
2000cn.com.au
2025-12-02 00:56:49
(7 months ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Hacking
Web App Attack
Anonymous
2025-11-14 01:47:00
(7 months ago)
This IP was involved in a brute force and password spray attack.
Brute-Force
Web App Attack
๐ง๐ท
hostseries
2025-10-26 22:06:56
(8 months ago)
Trigger: LF_DISTATTACK
Brute-Force
๐จ๐ฆ
wil.com
2025-10-18 08:10:17
(8 months ago)
GlobalProtect login attempts with user ahristova.
VPN IP
Brute-Force
Anonymous
2025-10-18 03:04:00
(8 months ago)
Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report tim ...
show more
Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.18 is noted in report timestamp
show less
Hacking
Brute-Force
Anonymous
2025-10-17 06:54:13
(8 months ago)
This IP was involved in a brute force and password spray attack.
Brute-Force
Web App Attack
Anonymous
2025-10-14 12:33:25
(8 months ago)
Dictionary attack on Palo Alto GlobalProtect VPN portal (port 443) detected via repeated login failu ...
show more
Dictionary attack on Palo Alto GlobalProtect VPN portal (port 443) detected via repeated login failures with varying usernames.
show less
Brute-Force