π©πͺ
Axel
2026-05-21 17:17:16
(2 weeks ago)
[2026-05-21 17:17:16 UTC] Honeypot WebLogic connection attempt | AXFRA HONEYPOT
Web App Attack
π«π·
masterguru
2026-03-27 11:10:56
(2 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.48.75 (BR/Brazil/-): 1 in the last 360 ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.48.75 (BR/Brazil/-): 1 in the last 3600 secs (0-193)
show less
Hacking
π«π·
β¨
2026-02-23 00:08:27
(3 months ago)
Domain : cleaners.greenleaflaundry.co.uk
Rule : wp-login
2026-02-23 00:05:39 ***hidden-privacy*** GE ...
show more
Domain : cleaners.greenleaflaundry.co.uk
Rule : wp-login
2026-02-23 00:05:39 ***hidden-privacy*** GET /wp-login.php - 443 - 104.207.48.75 HTTP/2 Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0 - cleaners.greenleaflaundry.co.uk 404 0 2 1527 497 103 - -
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 12:19:42
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:19:35.550990 2026] [security2:error] [pid 22575:tid 22575] [client 104.207.48.75:32419] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qualtacon.com"] [uri "/site/.git/config"] [unique_id "aZG51yZ3xdSJfglRVkfeCwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 11:49:44
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:49:37.945079 2026] [security2:error] [pid 9040:tid 9040] [client 104.207.48.75:39211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paihianz.com"] [uri "/v2/.git/config"] [unique_id "aZGy0fmtexFXMCkKhs5aCwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 11:03:18
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:03:15.646194 2026] [security2:error] [pid 585260:tid 585260] [client 104.207.48.75:16205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "otcda-ts.com"] [uri "/.git/config"] [unique_id "aZGn802bjTrqMBm76FaycwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 06:39:18
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:39:10.641853 2026] [security2:error] [pid 9885:tid 9885] [client 104.207.48.75:56731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scsurfside.net"] [uri "/app/.env"] [unique_id "aZFqDpRBg84VwDY5HrOEnwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
Baking333
2026-02-15 05:57:50
(3 months ago)
[redacted] 104.207.48.75 - - [15/Feb/2026:06:57:48 +0100] "GET /.env HTTP/1.1" 302 5278 0/35010 "-" ...
show more
[redacted] 104.207.48.75 - - [15/Feb/2026:06:57:48 +0100] "GET /.env HTTP/1.1" 302 5278 0/35010 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" [redacted] 104.207.48.75 - - [15/Feb/2026:06:57:48 +0100] "GET /.[redacted] HTTP/1.1" 302 5278 0/124735 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
show less
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 05:54:26
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:54:19.829550 2026] [security2:error] [pid 17931:tid 17931] [client 104.207.48.75:34983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "professionalpartyplanner.org"] [uri "/app/.env"] [unique_id "aZFfi_BOX2p2vYMncV2xxAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 05:02:39
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:02:34.314353 2026] [security2:error] [pid 886396:tid 886396] [client 104.207.48.75:37561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sargentandco.com"] [uri "/config/.env"] [unique_id "aZFTai3OqqtDmSSJ6o1ckQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-02-15 04:06:00
(3 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 03:51:56
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:51:50.881817 2026] [security2:error] [pid 30054:tid 30054] [client 104.207.48.75:42489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "salazartransfers.com"] [uri "/dev/.git/config"] [unique_id "aZFC1vNbDB6NN4D6RhPXQgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 02:46:55
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:46:47.826741 2026] [security2:error] [pid 26711:tid 26711] [client 104.207.48.75:41171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ruthmartin.org"] [uri "/v2/.git/config"] [unique_id "aZEzl1H_JlfUtuteaF6S9QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 02:22:17
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:22:11.928647 2026] [security2:error] [pid 27286:tid 27286] [client 104.207.48.75:17985] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rucomp.com"] [uri "/backend/.env"] [unique_id "aZEt0yelekbFNXhaEtuKLAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 01:34:14
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.48.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:34:05.590722 2026] [security2:error] [pid 23818:tid 23818] [client 104.207.48.75:23179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "needtoorderprinting.com"] [uri "/test/.git/config"] [unique_id "aZEijSfm_5bTCTks07iJzAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack