๐ฌ๐ง
Oakley
2026-06-24 10:11:47
(2 weeks ago)
(confirmed_bot_sig) Confirmed bot
Hacking
๐ฉ๐ช
LRob
2026-06-24 01:30:51
(2 weeks ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-06-12 02:30:19
(1 month ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐บ๐ธ
its101
2026-05-12 22:55:04
(1 month ago)
Automated detection by LockdownAccess security system. Attack type(s): git_exposure. Reason: Nginx: ...
show more
Automated detection by LockdownAccess security system. Attack type(s): git_exposure. Reason: Nginx: git_exposure attack. Path targeted: unknown. Blocked in Cloudflare.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-12 19:01:32
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 15:01:27.418058 2026] [security2:error] [pid 6579:tid 6579] [client 104.207.39.125:30607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gizmolabs.net"] [uri "/.env"] [unique_id "agN5B6QvQPe1Yvt7yCnx4wAAACk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-01 08:01:43
(2 months ago)
Forum/form spam
Web Spam
Anonymous
2026-03-13 17:16:11
(3 months ago)
Forum/form spam
Web Spam
๐บ๐ธ
windowsforum
2026-02-22 23:20:23
(4 months ago)
Spam bot registration: triggers=timing, js_challenge, inv_honeypot, pow_fail, username=CarrolMapl
Web Spam
Bad Web Bot
๐ณ๐ฑ
homeshowdomain.nl
2026-02-12 23:00:40
(4 months ago)
Auto-ban: >3000 req/min op 2026-02-12
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-02-11 23:50:43
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 11 18:50:33.365922 2026] [security2:error] [pid 26357:tid 26357] [client 104.207.39.125:62523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arkml.com"] [uri "/api/.env"] [unique_id "aY0VyVRT3a08AJ1eCWR7wgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-10 06:28:05
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 01:28:01.100285 2026] [security2:error] [pid 6712:tid 6712] [client 104.207.39.125:50595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iktonline.org"] [uri "/admin/.git/config"] [unique_id "aYrP8dN-UQOv9AL7WtZxhwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-10 04:41:33
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:41:26.680791 2026] [security2:error] [pid 10120:tid 10120] [client 104.207.39.125:50751] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idatex.us"] [uri "/wp/.git/config"] [unique_id "aYq29uyF-ZL3KWr9BowfTQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-10 04:21:33
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 23:21:29.440258 2026] [security2:error] [pid 1884207:tid 1884207] [client 104.207.39.125:20655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "icoinedthewordironesty.com"] [uri "/backend/.env"] [unique_id "aYqySatkd3E5nK1JI9_NlgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-10 03:23:52
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 22:23:45.927494 2026] [security2:error] [pid 2277738:tid 2277738] [client 104.207.39.125:33047] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirbysheetmetalworks.com"] [uri "/backend/.env"] [unique_id "aYqkwf1POYsc1E3zfDJtKQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Carsten
2026-02-09 22:36:05
(5 months ago)
GET [backup/.git/config]
Port Scan