๐บ๐ธ
mawan
2026-07-06 12:22:24
(1 hour ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ท๐บ
DZBOT
2026-07-05 05:43:30
(1 day ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
mawan
2026-07-04 16:18:01
(1 day ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 23:54:58
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 19:54:54.720781 2026] [security2:error] [pid 15568:tid 15568] [client 162.158.111.81:9376] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.isyourcompanysafe.com"] [uri "/.git/config"] [unique_id "aiSzThP0zlF9GSkQ3wHuwgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 07:22:46
(1 month ago)
(mod_security) mod_security (id:949110) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 03:22:40.858057 2026] [security2:error] [pid 30727:tid 30727] [client 162.158.111.81:12526] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "novintzkiariste.net"] [uri "/.git/config"] [unique_id "aiPKwK2XLoqomzHUJEmn3QAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Rocky Mountain Bioengineering Symposium
2026-06-04 17:46:10
(1 month ago)
162.158.111.81 - - [04/Jun/2026:11:46:09 -0600] "GET /.git/config HTTP/2.0" 300 4342 "-" "Mozilla/5. ...
show more
162.158.111.81 - - [04/Jun/2026:11:46:09 -0600] "GET /.git/config HTTP/2.0" 300 4342 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/127.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
mnsf
2026-06-02 03:05:39
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 02:14:15
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 22:14:09.798713 2026] [security2:error] [pid 29488:tid 29488] [client 162.158.111.81:11349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "conversationtalentnetwork.com"] [uri "/.git/config"] [unique_id "ah48caYmuiDFchka8DumigAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-17 00:14:26
(1 month ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
xxkodedxx
2026-05-13 10:22:08
(1 month ago)
[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost)
Trigger: 1ร edge-block in 10 ...
show more
[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost)
Trigger: 1ร edge-block in 10m window.
Origin: DE / AS13335 Cloudflare, Inc.
Active: 10:21:08 UTC
Volume: 1 HTTP req
Probed: /wp-admin/install.php?step=1
Status mix: 301ร1
UA: "http://ztx-lab.com/wp-admin/install.php?step=1"
Auto-banned 30d. zorvexus-banner.
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-11 02:37:55
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 22:37:49.748533 2026] [security2:error] [pid 22522:tid 22522] [client 162.158.111.81:11996] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ruralroutes.ca"] [uri "/.env.backup"] [unique_id "agFA_YWtO9xqhrhQzz4TYgAAAAA"], referer: https://www.google.com/search?q=cpanel.ruralroutes.ca
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-06 21:37:46
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 17:37:37.353331 2026] [security2:error] [pid 9580:tid 9580] [client 162.158.111.81:11010] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lightbender.net"] [uri "/.env.production"] [unique_id "afu0oTHwo-gdzv1ZRhN6bgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-30 11:34:32
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 07:34:26.168910 2026] [security2:error] [pid 2693:tid 2693] [client 162.158.111.81:12470] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.creektech.com"] [uri "/.git/config"] [unique_id "afM-QnSNevQ3oet7CKtT1wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 11:08:51
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.111.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 07:08:46.174643 2026] [security2:error] [pid 26080:tid 26080] [client 162.158.111.81:9678] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.the-practical-pionus.com"] [uri "/.git/refs/heads/master"] [unique_id "adJCvlDGTjCt3puk0tVZ5wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
DEV-DNS
2026-04-04 05:10:18
(3 months ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection