Anonymous
2026-06-25 12:18:54
(1 week ago)
104.207.39.61 - - [25/Jun/2026:12:18:53 +0000] "GET /backup2.sql HTTP/1.1" 404 49834 "-" "Mozilla/5. ...
show more
104.207.39.61 - - [25/Jun/2026:12:18:53 +0000] "GET /backup2.sql HTTP/1.1" 404 49834 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-25 01:28:04
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฉ๐ช
Bedios GmbH
2026-06-14 04:49:02
(2 weeks ago)
SQL backup theft attempt
Hacking
๐ฉ๐ช
FeG Deutschland
2026-06-13 22:26:22
(2 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 10:49:36
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 06:49:11.865150 2026] [security2:error] [pid 25913:tid 25913] [client 104.207.39.61:29745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lazymanvegan.com"] [uri "/.env"] [unique_id "aiP7J-CX_Lfk2a0AMuC-yQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-04-21 13:29:01
(2 months ago)
[TueApr2115:28:55.7505512026][security2:error][pid3025243:tid3025318][client104.207.39.61:0]ModSecur ...
show more
[TueApr2115:28:55.7505512026][security2:error][pid3025243:tid3025318][client104.207.39.61:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(\?:/\(\?:\^\|/\)\\\\\\\\.\(env\|git\|svn\|hg\|DS_Store\)\|/\(\?:wp-config\|\\\\\\\\.htaccess\|\\\\\\\\.htpasswd\)\|\\\\\\\\.\(\?:sql\|bak\|old\|log\)\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"ggarchitetti.ch\"][uri\"/data.sql\"][unique_id\"aed7l2R1Z2zCLsvvYp9mlQAAAEc\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
interbiznw.com
2026-03-18 05:10:49
(3 months ago)
wordpress-fuzzing
Hacking
Brute-Force
Exploited Host
Web App Attack
Anonymous
2025-12-09 00:48:08
(6 months ago)
botnet
DDoS Attack
๐ฉ๐ช
Packets-Decreaser.NET
2025-11-30 13:09:47
(7 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐บ๐ธ
TPI-Abuse
2025-11-26 12:13:21
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 07:13:14.709792 2025] [security2:error] [pid 21467:tid 21467] [client 104.207.39.61:15037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.mcgmcg.com"] [uri "/.git/HEAD"] [unique_id "aSbu2i0XL0jmRwhW6v0HYAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 00:37:33
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:37:26.572512 2025] [security2:error] [pid 15754:tid 15754] [client 104.207.39.61:54077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.grainavi.com"] [uri "/.git/HEAD"] [unique_id "aSZLxlrs-_o-PLTIJFbhgwAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
Shaik Sai Meera
2025-11-25 00:01:51
(7 months ago)
IM360 WAF: Hidden file access
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-11-24 09:37:20
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:37:12.949144 2025] [security2:error] [pid 17609:tid 17609] [client 104.207.39.61:15421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.horneman.org"] [uri "/.svn/wc.db"] [unique_id "aSQnSN36wFZqa2DW1f6WowAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:13:25
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:13:16.235528 2025] [security2:error] [pid 22425:tid 22425] [client 104.207.39.61:14217] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.revision.ws"] [uri "/.env"] [unique_id "aSQTnHT10A8gECLUnfJ8tQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 05:30:50
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:30:39.029551 2025] [security2:error] [pid 10693:tid 10748] [client 104.207.39.61:10339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cargosanibel.com"] [uri "/.git/HEAD"] [unique_id "aSPtfxp_fjf3XoBXB35ZNQAAANM"]
show less
Brute-Force
Bad Web Bot
Web App Attack