πΊπΈ
mnsf
2026-02-16 03:05:18
(3 months ago)
Too many Status 40X (12)
Scanning/Probing (12)
Brute-Force
Web App Attack
π¬π§
consul.to
2026-02-15 12:50:58
(3 months ago)
Web attack/malicious scanning detected
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 12:09:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:09:25.371199 2026] [security2:error] [pid 17905:tid 17905] [client 104.207.61.249:23709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "timbrazier.com"] [uri "/.env.production"] [unique_id "aZG3dQntOXuQHA-pqkbcYwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
2000cn.com.au
2026-02-15 11:42:03
(3 months ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Hacking
Web App Attack
π©πͺ
Viveronese
2026-02-15 05:17:12
(3 months ago)
HTTP vulnerability scanning
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 04:11:55
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:11:51.065972 2026] [security2:error] [pid 23181:tid 23181] [client 104.207.61.249:49957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stormstrips.com"] [uri "/site/.git/config"] [unique_id "aZFHh8_T2mj4biVubd6rrQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
Origon
2026-02-15 02:41:41
(3 months ago)
http-sensitive-files - IP: 104.207.61.249 - time="2026-02-15T03:41:41+01:00" level=info msg="(555f6 ...
show more
http-sensitive-files - IP: 104.207.61.249 - time="2026-02-15T03:41:41+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.61.249 (CA/200373) : 4h ban on Ip 104.207.61.249" module=db
show less
Web App Attack
π³π±
ParaBug
2026-02-15 02:32:10
(3 months ago)
104.207.61.249 - - [15/Feb/2026:03:32:10 +0100] "GET /api/.git/config HTTP/1.1" 301 539 "-" "Mozilla ...
show more
104.207.61.249 - - [15/Feb/2026:03:32:10 +0100] "GET /api/.git/config HTTP/1.1" 301 539 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Phishing
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-02-15 02:05:42
(3 months ago)
Scanning/Probing (27)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 01:42:32
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:42:26.262228 2026] [security2:error] [pid 18685:tid 18685] [client 104.207.61.249:44539] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "my-pitch.org"] [uri "/.env"] [unique_id "aZEkgtOGkwVO5uDRpslaZAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 01:24:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:23:58.260554 2026] [security2:error] [pid 16629:tid 16653] [client 104.207.61.249:46907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lzmarketingsolutions.com"] [uri "/wp/.git/config"] [unique_id "aZEgLo0dBptQCLod9KqnkwAAANY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 00:55:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:55:05.169568 2026] [security2:error] [pid 13697:tid 13697] [client 104.207.61.249:64339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrsreclamation.com"] [uri "/backend/.env"] [unique_id "aZEZaTEhUXKtmrRljS2I7gAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 00:36:20
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:36:15.317039 2026] [security2:error] [pid 7283:tid 7283] [client 104.207.61.249:51235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lspfest.com"] [uri "/admin/.env"] [unique_id "aZEU_xjR_yDBEsjgRHe21AAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 00:18:25
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:18:18.499891 2026] [security2:error] [pid 8472:tid 8472] [client 104.207.61.249:63581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "louisianamasons.com"] [uri "/api/.env"] [unique_id "aZEQyvY2lOFgTjRpkeiUbwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-14 23:34:46
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.61.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:34:38.691577 2026] [security2:error] [pid 960539:tid 960539] [client 104.207.61.249:61845] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lmv.us"] [uri "/.env.staging"] [unique_id "aZEGjr5Tbd_ap3P6o9D5cQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack