πΊπΈ
TPI-Abuse
2026-04-20 23:19:49
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 19:19:44.568734 2026] [security2:error] [pid 3922265:tid 3922265] [client 104.207.32.50:58841] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||whodatnation.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "whodatnation.com"] [uri "/whodatnation.sql"] [unique_id "aea0kGDQrdFouE2Hv46h8wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
2000cn.com.au
2026-04-20 18:05:06
(1 month ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
πΊπΈ
TPI-Abuse
2026-02-24 11:29:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 06:29:09.799961 2026] [security2:error] [pid 7259:tid 7259] [client 104.207.32.50:14599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "representacionesthompson.com.nesetsv.com"] [uri "/.git/config"] [unique_id "aZ2LhUdC054T9P96So6o6AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-24 10:13:13
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 05:13:08.330409 2026] [security2:error] [pid 19831:tid 19831] [client 104.207.32.50:43097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cafelimelight.cafelimelight.info"] [uri "/.git/config"] [unique_id "aZ15tJu-8cULAjO41Db4bAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-24 00:23:04
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 19:22:57.895706 2026] [security2:error] [pid 19593:tid 19621] [client 104.207.32.50:51077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "windstream-sales.com.exede-sales.com"] [uri "/.git/config"] [unique_id "aZzvYXAcqblYgiOSt98v3wAAARg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-23 18:30:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 13:30:30.565244 2026] [security2:error] [pid 6247:tid 6260] [client 104.207.32.50:24353] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hadith.newtrendmag.org"] [uri "/.git/config"] [unique_id "aZycxiZUSezzXOjE41GAawAAAMg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
MM-bot
2026-02-23 12:14:43
(3 months ago)
URL-probe: HTTP/1.1 GET request on /.git/config (2026-02-23 13:14:43 UTC+1)
Web App Attack
Hacking
πΊπΈ
TPI-Abuse
2026-02-23 10:57:04
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 05:56:59.944080 2026] [security2:error] [pid 15012:tid 15012] [client 104.207.32.50:14477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "orchestrateyouraptitudes.ficklepassionproductions.com"] [uri "/.git/config"] [unique_id "aZwyewbQCYhTEVbMKPTJ1QAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-02-19 15:05:31
(3 months ago)
Scanning/Probing (23)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-19 02:32:48
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:32:40.669906 2026] [security2:error] [pid 2945:tid 2945] [client 104.207.32.50:31611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kclawoffice.com"] [uri "/config/.env"] [unique_id "aZZ2SCV9NV7MJsIOkPdLcgAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-02-18 22:59:14
(3 months ago)
Auto-ban: >3000 req/min op 2026-02-18
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-02-18 19:02:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:02:25.701417 2026] [security2:error] [pid 17540:tid 17540] [client 104.207.32.50:40695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tiffanyshouses.com"] [uri "/api/.git/config"] [unique_id "aZYMwbWlnDUkkdHeMjHhyQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-18 18:28:45
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:28:41.172504 2026] [security2:error] [pid 25479:tid 25479] [client 104.207.32.50:61963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theurbanlogger.com"] [uri "/admin/.env"] [unique_id "aZYE2Xl4a1r5rcQAP1HnkQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-18 17:28:01
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.32.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 12:27:57.350543 2026] [security2:error] [pid 1935:tid 1935] [client 104.207.32.50:34011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zodiacwin.com"] [uri "/app/.env"] [unique_id "aZX2nbQ3gvXCTuEerbohaAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-02-18 14:06:06
(3 months ago)
Scanning/Probing (20)
Brute-Force
Web App Attack