๐ฆ๐บ
dyln
2026-06-15 16:23:13
(2 weeks ago)
Dyls honeypot brute-force: proto8 (54 total hits)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-05 15:51:48
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 11:51:42.047571 2026] [security2:error] [pid 9745:tid 9759] [client 108.162.241.106:13268] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.callaplusfirst.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.callaplusfirst.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "aiLwjmwEqmvxb28O1RT2bQAAAYs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-05-24 21:19:54
(1 month ago)
[Mon May 25 07:19:53.433714 2026] [security2:error] [pid 34013] [client 108.162.241.106:13468] [clie ...
show more
[Mon May 25 07:19:53.433714 2026] [security2:error] [pid 34013] [client 108.162.241.106:13468] [client 108.162.241.106] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "dance4fitness.com.au"] [uri "/"] [unique_id "ahNreYAIP4piziHoc1045wAAAAE"]
...
show less
Web App Attack
๐ฆ๐บ
oncord
2026-04-30 14:32:19
(2 months ago)
Form spam
Web Spam
๐จ๐ฆ
polycoda
2026-04-07 19:46:39
(2 months ago)
AutoBlock: ๐ฏ Vulnerability Scanner (Non Decay-Based)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 16:45:52
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 12:45:48.689202 2026] [security2:error] [pid 1273140:tid 1273140] [client 108.162.241.106:13049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ji-technovation.com"] [uri "/app/.env"] [unique_id "adU0vBMKq7w8LPQ4p01ThgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
vaia.cloud
2026-04-07 12:44:01
(2 months ago)
trying wp-login.php/xmlrpc.php 44 times in 1 minutes
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 10:26:33
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 06:26:27.913006 2026] [security2:error] [pid 1207855:tid 1207855] [client 108.162.241.106:11418] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.acraloc.com"] [uri "/.env.development.local"] [unique_id "adTb0z52kEg4103ntZu4CwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 01:49:24
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 21:49:18.719996 2026] [security2:error] [pid 1043726:tid 1043726] [client 108.162.241.106:11566] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.perkowski.net"] [uri "/home/.env"] [unique_id "adRinmsrPlB8C1M75FQ6SgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-06 01:17:06
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 21:17:02.858151 2026] [security2:error] [pid 19953:tid 19953] [client 108.162.241.106:11238] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.title13.com"] [uri "/.env1"] [unique_id "adMJjnRmihyoO4WGN4bHRwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 23:17:28
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 19:17:19.308786 2026] [security2:error] [pid 23651:tid 23651] [client 108.162.241.106:12587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.carrier.cloudex.link"] [uri "/.env.production"] [unique_id "adLtfyK-Rq6c5qofPY3V7QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 20:10:08
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 16:09:58.927120 2026] [security2:error] [pid 21120:tid 21120] [client 108.162.241.106:12448] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.julisaadams.com"] [uri "/.env.local"] [unique_id "adLBltY3Ar2Mof8OvPCsvQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 17:13:16
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 13:13:08.693584 2026] [security2:error] [pid 1446:tid 1446] [client 108.162.241.106:9645] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.rahmanou.com"] [uri "/.env.development"] [unique_id "adKYJG92KnJp03AEhCRPiAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 15:11:47
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 11:11:41.135835 2026] [security2:error] [pid 7285:tid 7285] [client 108.162.241.106:11149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.securitymontana.com"] [uri "/.envrc"] [unique_id "adJ7rYZV0tuCDZlRVJjzdwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 12:59:31
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 108.162.241.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 08:59:25.553708 2026] [security2:error] [pid 22082:tid 22082] [client 108.162.241.106:13925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.d-sinema.com"] [uri "/.env.local"] [unique_id "adJcrWMi88DgA5jqBiwNmAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack