๐ซ๐ฎ
sgofferj
2026-07-04 00:25:32
(9 hours ago)
Attack attempt on SIP server
Fraud VoIP
Hacking
Brute-Force
๐ฎ๐น
Francesco Ippoliti
2026-07-03 21:31:53
(12 hours ago)
[Jul 3 23:31:53] NOTICE[65023] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '<sip:600@154 ...
show more
[Jul 3 23:31:53] NOTICE[65023] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '<sip:[email protected] >' failed for '104.207.48.142:44735' (callid: ae7f948214519ba31dcd7f1fd4555f93) - No matching endpoint found
[Jul 3 23:31:53] NOTICE[66068] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '<sip:[email protected] >' failed for '104.207.48.142:44735' (callid: ae7f948214519ba31dcd7f1fd4555f93) - No matching endpoint found
...
show less
Brute-Force
Port Scan
๐ฌ๐ง
PeravixGroup
2026-06-09 19:27:28
(3 weeks ago)
Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity ...
show more
Honeypot detection: Apache CouchDB unauthorized access / exploitation attempt on port 5984. Severity: MEDIUM. Aaran.cloud
show less
Hacking
Exploited Host
๐ฆ๐บ
2000cn.com.au
2025-12-27 23:57:43
(6 months ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 23:00:09
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:00:02.081674 2025] [security2:error] [pid 7378:tid 7694] [client 104.207.48.142:39473] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toastandfigs.com"] [uri "/.svn/wc.db"] [unique_id "aVBk8q8D1dJ36h6xBhIyHwAAAUw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 22:02:59
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:02:55.371660 2025] [security2:error] [pid 19051:tid 19051] [client 104.207.48.142:16323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garretthillary.com"] [uri "/.svn/wc.db"] [unique_id "aVBXj8ATNR336JkdJ5ZeLwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 19:46:53
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:46:47.209673 2025] [security2:error] [pid 12956:tid 12956] [client 104.207.48.142:20331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aiamur.com"] [uri "/.svn/wc.db"] [unique_id "aVA3p4BSOwzUw6t4cRjlZgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 16:26:11
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 11:26:04.841525 2025] [security2:error] [pid 4422:tid 4493] [client 104.207.48.142:30049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "batesandbrown.com"] [uri "/.svn/wc.db"] [unique_id "aVAInFQ5-grWCIeNbCpQGAAAAM0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 12:43:28
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 07:43:25.174723 2025] [security2:error] [pid 23777:tid 23777] [client 104.207.48.142:39273] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.muddypuddy.com"] [uri "/.git/HEAD"] [unique_id "aSb17UVQHipdF9_b0A-kTwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐ธ
Smel
2025-11-26 11:18:44
(7 months ago)
Unauthorized Probe/Connection, Hack -
Port Scan
Hacking
๐บ๐ธ
TPI-Abuse
2025-11-26 10:01:10
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:01:06.450386 2025] [security2:error] [pid 29043:tid 29043] [client 104.207.48.142:50399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.nflelectronics.com"] [uri "/.env"] [unique_id "aSbP4sMMm4LFT0VVlRIMhAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 06:12:23
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:12:16.707419 2025] [security2:error] [pid 12233:tid 12233] [client 104.207.48.142:48029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.khaoula.com"] [uri "/.env"] [unique_id "aSaaQLanTSLuXkgzYVvzkgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 01:15:50
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:15:46.055854 2025] [security2:error] [pid 17466:tid 17483] [client 104.207.48.142:34945] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.princesscastlebunkbed.com"] [uri "/.env"] [unique_id "aSZUwpvX96wK2APxLO0tmgAAAM8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 04:39:36
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:39:30.059133 2025] [security2:error] [pid 28685:tid 28685] [client 104.207.48.142:11659] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.acuherbclinic.com"] [uri "/.env"] [unique_id "aSUzApTlhbi4PbaxBNdt1wAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:57:27
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:57:19.979601 2025] [security2:error] [pid 24217:tid 24217] [client 104.207.48.142:42117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.uraniumjewelry.rotarymagnetics.com"] [uri "/.env"] [unique_id "aSQd74YQmdtKkunV9-VR6gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack