๐ซ๐ท
Sklurk
2026-07-09 00:58:32
(8 hours ago)
Web App Attack
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-20 20:35:04
(2 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
Anonymous
2026-06-17 13:31:23
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-03-05 08:09:05
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:08:57.246915 2026] [security2:error] [pid 5953:tid 6037] [client 104.207.48.115:42933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/87/cbefbc7de0938a20b1437b206780d787725573"] [unique_id "aak6Ge9_LUubsM0EwzyNTgAAAc0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 03:37:08
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:37:04.481601 2026] [security2:error] [pid 7788:tid 7788] [client 104.207.48.115:15475] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswithcamerasmovie.com"] [uri "/test/.git/config"] [unique_id "aZaFYEZDkjIvkFw6TPeuZgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
Origon
2026-02-19 03:12:10
(4 months ago)
http-sensitive-files - IP: 104.207.48.115 - time="2026-02-19T04:12:10+01:00" level=info msg="(555f6 ...
show more
http-sensitive-files - IP: 104.207.48.115 - time="2026-02-19T04:12:10+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.48.115 (BR/200373) : 4h ban on Ip 104.207.48.115" module=db
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 02:11:27
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:11:22.818490 2026] [security2:error] [pid 31310:tid 31310] [client 104.207.48.115:16743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathiehazlett.com"] [uri "/admin/.git/config"] [unique_id "aZZxSijmFCt5HAAGE_5kUAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-18 20:22:13
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 15:22:07.867587 2026] [security2:error] [pid 5942:tid 5942] [client 104.207.48.115:11669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trclegacyholdings.org"] [uri "/admin/.env"] [unique_id "aZYfbyEtlTgqjuH-bt5xfwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-18 19:03:00
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 14:02:56.877356 2026] [security2:error] [pid 6656:tid 6711] [client 104.207.48.115:27531] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tigerresource.com"] [uri "/backup/.git/config"] [unique_id "aZYM4Hn1w6YImX3YkyQiZQAAAVI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-18 11:57:08
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 06:57:02.853602 2026] [security2:error] [pid 19687:tid 19687] [client 104.207.48.115:30701] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "warshaw1.com"] [uri "/v2/.git/config"] [unique_id "aZWpDhdy282etMFozkkmVAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-09 21:33:35
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 16:33:31.012323 2026] [security2:error] [pid 32381:tid 32381] [client 104.207.48.115:34499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gardnercastle.com"] [uri "/v2/.git/config"] [unique_id "aYpSq_-nHPNKqZ3VhiJNWgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-09 20:22:28
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 15:22:18.884122 2026] [security2:error] [pid 21494:tid 21494] [client 104.207.48.115:46907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galvez.cc"] [uri "/config/.env"] [unique_id "aYpB-gCVLgQH6CObp29OyAAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-09 19:38:13
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 14:38:07.047097 2026] [security2:error] [pid 20540:tid 20540] [client 104.207.48.115:51401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabver.com"] [uri "/backup/.git/config"] [unique_id "aYo3n-tFJGbfGu46Y6tA_gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
myagent.site
2026-02-09 19:10:37
(4 months ago)
Blocking for trying to access an exploit file: /frontend/.env
Hacking
๐บ๐ธ
TPI-Abuse
2026-02-09 11:50:57
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 09 06:50:50.101650 2026] [security2:error] [pid 17411:tid 17411] [client 104.207.48.115:24247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gallodestinationservices.com"] [uri "/api/.env"] [unique_id "aYnKGmfcYgG5z9wtfL1s8gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack