๐บ๐ธ
Peter Racine
2026-07-08 12:24:00
(3 days ago)
Credential stuffing - exchange accounts
Brute-Force
๐ง๐ช
cmbplf
2026-05-07 13:53:06
(2 months ago)
606 requests with url.path *.env
Brute-Force
Bad Web Bot
๐ฆ๐บ
RedBear IT
2026-03-26 10:00:37
(3 months ago)
"DDoS against public endpoint"
DDoS Attack
Anonymous
2025-12-25 13:38:59
(6 months ago)
wordpress-trap
Web App Attack
Anonymous
2025-12-22 16:53:25
(6 months ago)
Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.22 is noted in report tim ...
show more
Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.22 is noted in report timestamp
show less
Hacking
Brute-Force
Anonymous
2025-12-03 15:41:37
(7 months ago)
botnet
DDoS Attack
๐บ๐ธ
myagent.site
2025-12-02 11:03:35
(7 months ago)
Blocking for trying to access an exploit file: /.env
Hacking
๐บ๐ธ
TPI-Abuse
2025-12-02 09:02:43
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 04:02:37.871772 2025] [security2:error] [pid 11760:tid 11783] [client 65.111.6.252:48503] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "josephablumphotography.com"] [uri "/.git/HEAD"] [unique_id "aS6rLRRTHxJ9yOS6yRvfiAAAAM8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 08:39:35
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 03:39:32.656667 2025] [security2:error] [pid 13514:tid 13514] [client 65.111.6.252:56413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "celebritybikinigossip.com"] [uri "/.git/HEAD"] [unique_id "aS6lxHteFC9ZXdQ5q_DUSwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 04:48:59
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 23:48:52.471869 2025] [security2:error] [pid 21329:tid 21329] [client 65.111.6.252:27631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kippert.com"] [uri "/.svn/wc.db"] [unique_id "aS5vtGZqy-eyYQoMdQtRSQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
Shaik Sai Meera
2025-11-26 22:10:10
(7 months ago)
IM360 WAF: Hidden file access
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-11-25 06:38:16
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:38:12.875720 2025] [security2:error] [pid 18188:tid 18188] [client 65.111.6.252:57373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.weathercarib.net"] [uri "/.env"] [unique_id "aSVO1GSnQFMd_B5kEs2glwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 06:09:32
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:09:28.786053 2025] [security2:error] [pid 9455:tid 9455] [client 65.111.6.252:44861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.winchesterbayvacationrentals.com"] [uri "/.svn/wc.db"] [unique_id "aSVIGBAGSnWS0CuvIDVGewAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 04:24:46
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:24:39.745683 2025] [security2:error] [pid 22781:tid 22781] [client 65.111.6.252:18935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.blackmanfamily.com"] [uri "/.env"] [unique_id "aSUvh19CLyx9XsS5-e68JAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 03:56:06
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.6.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:55:59.336313 2025] [security2:error] [pid 5973:tid 5973] [client 65.111.6.252:60469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.mlsdirect.xyz"] [uri "/.svn/wc.db"] [unique_id "aSUoz9rIwJ0xWclE_ZZggQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack