๐บ๐ธ
TPI-Abuse
2026-07-02 09:23:54
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 162.158.182.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.182.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:23:47.936568 2026] [security2:error] [pid 22233:tid 22233] [client 162.158.182.81:12112] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "900west.com"] [uri "/.git/config"] [unique_id "akYuIzGNVcay_1F4-xzr1QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฐ๐ท
enp0s1
2026-06-28 17:06:42
(2 weeks ago)
Auto-reported by Fail2Ban (UFW Block, Port Scan)
Port Scan
๐ฉ๐ช
febrian.de
2026-06-27 16:57:49
(2 weeks ago)
Excessive HTTP(S) probing or bad web bot detected by Fail2Ban
Bad Web Bot
Web App Attack
Anonymous
2026-06-18 18:51:55
(4 weeks ago)
162.158.182.81 - - [18/Jun/2026:18:51:55 +0000] "GET /.git/config HTTP/1.1" 404 4950 "-" "Mozilla/5. ...
show more
162.158.182.81 - - [18/Jun/2026:18:51:55 +0000] "GET /.git/config HTTP/1.1" 404 4950 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 Version/17.0 Mobile Safari/604.1"
...
show less
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-06-13 06:21:07
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-06-09 03:15:55
(1 month ago)
Known malicious PHP file or CMS probe
Web App Attack
๐ฉ๐ช
Duggy_Tuxy๐งฑ
2026-06-02 08:34:30
(1 month ago)
[SW01-SRV01-DE] Banned by Fail2ban (Jail: syswarden-cms-honeypot)
Brute-Force
Hacking
๐ฉ๐ช
Duggy_Tuxy๐งฑ
2026-05-31 02:50:59
(1 month ago)
[SW01-SRV01-DE] Banned by Fail2ban (Jail: syswarden-cms-honeypot)
Hacking
Brute-Force
๐ณ๐ฑ
homeshowdomain.nl
2026-05-24 22:02:22
(1 month ago)
Auto-ban: >3000 req/min op 2026-05-24
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-23 08:47:22
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.182.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.182.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 04:47:15.020369 2026] [security2:error] [pid 25743:tid 25743] [client 162.158.182.81:13918] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brandoncomputergeeks.com"] [uri "/.git/config"] [unique_id "ahFpkxOLLLHouYPGHRZgBwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ipoac.nl
2026-05-21 02:03:52
(1 month ago)
ipoac.nl:80 162.158.182.81 - - [21/May/2026:04:03:51 +0200] - "GET /wp-admin/install.php?step=1 HTTP ...
show more
ipoac.nl:80 162.158.182.81 - - [21/May/2026:04:03:51 +0200] - "GET /wp-admin/install.php?step=1 HTTP/1.1" 302 955 "-" "http://-/wp-admin/install.php?step=1"
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-21 01:41:32
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.182.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.182.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 21:41:25.959942 2026] [security2:error] [pid 25050:tid 25050] [client 162.158.182.81:12873] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.integrabroadcast.com"] [uri "/.env.local"] [unique_id "ag5ixTT-OLVHdEGWYIuJAgAAAAw"], referer: https://www.google.com/search?q=integrabroadcast.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-05-19 23:11:04
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-17 18:09:47
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.182.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.182.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 17 14:09:44.161026 2026] [security2:error] [pid 20474:tid 20474] [client 162.158.182.81:11183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sieder.com"] [uri "/.git/config"] [unique_id "agoEaAHz9ttqknJjFUHBRwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-16 00:29:59
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.182.81 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.182.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 20:29:48.270495 2026] [security2:error] [pid 14621:tid 14621] [client 162.158.182.81:14271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pandahh.com"] [uri "/sftp-config.json"] [unique_id "age6fBzx2AK0lrdvGy5k1QAAAAE"], referer: https://www.google.com/search?q=pandahh.com
show less
Brute-Force
Bad Web Bot
Web App Attack