๐ซ๐ท
masterguru
2026-07-09 16:28:50
(51 minutes ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 104.207.49.196 (BR/Brazil/-): 1 in the last 3 ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 104.207.49.196 (BR/Brazil/-): 1 in the last 3600 secs (0-196)
show less
Hacking
๐ณ๐ฑ
i-turnradio.nl
2026-05-22 12:25:48
(1 month ago)
2026-05-22 @ 14:25:47 (CET) ~ Blocked for trying to access: /wp-login.php
Web App Attack
๐ฆ๐บ
MAGIC
2025-12-24 05:05:45
(6 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ณ๐ฑ
i-turnradio.nl
2025-11-26 09:35:51
(7 months ago)
2025-11-26 @ 10:35:51 (CET) ~ Blocked based on risk assessment and prior abuse reports
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 06:37:31
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 01:37:26.071881 2025] [security2:error] [pid 2487518:tid 2487518] [client 104.207.49.196:42181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.hills-tax.com"] [uri "/.svn/wc.db"] [unique_id "aSagJmhEfrLFiElpvBGipAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 03:02:45
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:02:39.812084 2025] [security2:error] [pid 2154:tid 2154] [client 104.207.49.196:28317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gingerhousestudios.gregorii.com"] [uri "/.git/HEAD"] [unique_id "aSZtz456g8b_ItuASVW9jQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 01:13:06
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:13:00.780465 2025] [security2:error] [pid 3365545:tid 3365692] [client 104.207.49.196:59027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tonysergio.com"] [uri "/.git/HEAD"] [unique_id "aSZUHCa0-q0nx5VbsSBv6QAAAlA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-26 00:04:39
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 19:04:36.572089 2025] [security2:error] [pid 26225:tid 26225] [client 104.207.49.196:22705] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.arsenaultartistmanagement.com"] [uri "/.git/HEAD"] [unique_id "aSZEFPsGXZsfutYlJh94RQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2025-11-24 21:11:58
(7 months ago)
Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:48:48
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:48:44.092640 2025] [security2:error] [pid 23422:tid 23422] [client 104.207.49.196:40575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.thepotteriesmesilla.com"] [uri "/.svn/wc.db"] [unique_id "aSQb7E-V859byYtiyzWrOgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-09 07:11:01
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 104.207.49.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 09 02:10:56.872895 2025] [security2:error] [pid 14642:tid 14642] [client 104.207.49.196:50025] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.kirbyimc.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.kirbyimc.com"] [uri "/s3cmd.ini"] [unique_id "aRA-gAcA-Ak4NoVZ6TjiSAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
weblite
2025-11-04 14:02:41
(8 months ago)
WP_LOGIN_FAIL WP_XMLRPC_ABUSE
Brute-Force
Web App Attack
๐บ๐ธ
xmission.com
2025-11-01 08:58:46
(8 months ago)
104.207.49.196 - - [01/Nov/2025:02:58:45 -0600] "POST /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5 ...
show more
104.207.49.196 - - [01/Nov/2025:02:58:45 -0600] "POST /wp-login.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0"
...
show less
Brute-Force
๐ซ๐ฎ
bittiguru.fi
2025-10-09 13:36:25
(9 months ago)
Brute Force
Brute-Force
SSH
Anonymous
2025-04-07 10:14:48
(1 year ago)
Attempted brute force login to web vpn 5 time(s); last attempt for 2025.04.07 is noted in report tim ...
show more
Attempted brute force login to web vpn 5 time(s); last attempt for 2025.04.07 is noted in report timestamp
show less
Hacking
Brute-Force