π©πͺ
Hazzard
2026-05-23 17:14:44
(2 weeks ago)
(wordpress) Failed wordpress login from 104.207.48.218 (BR/Brazil/SΓ£o Paulo/SΓ£o Paulo/-/[redacted]): ...
show more
(wordpress) Failed wordpress login from 104.207.48.218 (BR/Brazil/SΓ£o Paulo/SΓ£o Paulo/-/[redacted]): (CF_ENABLE)
show less
Brute-Force
π©πͺ
FeG Deutschland
2026-05-23 14:04:34
(2 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
π³π±
homeshowdomain.nl
2026-05-18 21:59:41
(2 weeks ago)
Auto-ban: >3000 req/min op 2026-05-18
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-02-18 00:46:55
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 19:46:46.878869 2026] [security2:error] [pid 31248:tid 31274] [client 104.207.48.218:56631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pattinauction.com"] [uri "/.env"] [unique_id "aZUL9myDgCKIdwjBwmqqXgAAAVg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-13 12:59:46
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:59:41.393359 2026] [security2:error] [pid 21741:tid 21741] [client 104.207.48.218:26721] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "laura-stone.com"] [uri "/.env"] [unique_id "aY8gPWmft7-jN5T6VSMiIgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-02-13 12:53:51
(3 months ago)
Multiple WAF Violations
Web App Attack
2026-02-13 09:29:47
(3 months ago)
(mod_security) mod_security triggered on hostname [redacted] 104.207.48.218 (BR/Brazil/-)
SQL Injection
πΊπΈ
TPI-Abuse
2026-02-13 08:54:26
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:54:19.314825 2026] [security2:error] [pid 25292:tid 25292] [client 104.207.48.218:62419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metalgecko.com"] [uri "/frontend/.env"] [unique_id "aY7mu63Pdwul85TI30QY9QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-13 08:34:54
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 03:34:45.845701 2026] [security2:error] [pid 11969:tid 11969] [client 104.207.48.218:11163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meridianranchdrc.org"] [uri "/test/.git/config"] [unique_id "aY7iJcPhpa0Q2jPhR49DFwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-13 05:18:34
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:18:28.699606 2026] [security2:error] [pid 6970:tid 6970] [client 104.207.48.218:58371] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matterofbritain.com"] [uri "/dev/.git/config"] [unique_id "aY60JKGkcqR3ptKA692SiwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
2000cn.com.au
2026-02-13 04:51:12
(3 months ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-13 04:18:08
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:18:02.556464 2026] [security2:error] [pid 22471:tid 22471] [client 104.207.48.218:32057] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marshall-islands-boat-registration.com"] [uri "/admin/.git/config"] [unique_id "aY6l-l_TMtQwJG68UTc4QwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-13 03:42:04
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:41:55.095273 2026] [security2:error] [pid 17445:tid 17453] [client 104.207.48.218:51111] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marinkovich.biz"] [uri "/.env.local"] [unique_id "aY6dg9ZkFVS7ynJ4gPRfhgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
myagent.site
2026-02-13 03:35:38
(3 months ago)
Blocking for trying to access an exploit file: /backend/.env
Hacking
πΊπΈ
TPI-Abuse
2026-02-13 03:01:57
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 22:01:47.652503 2026] [security2:error] [pid 9231:tid 9231] [client 104.207.48.218:56507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manvsfoodlocations.com"] [uri "/config/.env"] [unique_id "aY6UG83gdT3u2VI6FxFF4gAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack