π«π·
Pays d'AngoulΓͺme
2026-07-07 05:22:18
(5 days ago)
[Drupal AbuseIPDB module] Request path is blacklisted. /wp-admin/core/install.php
Web App Attack
πΊπΈ
mnsf
2026-06-17 00:07:42
(3 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-11 00:43:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 20:43:10.698080 2026] [security2:error] [pid 27318:tid 27318] [client 162.158.94.13:13075] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "uniquelimo.org"] [uri "/.git/config"] [unique_id "aioEnnK48ls4gBjDmOYjwgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
acadeova
2026-05-05 18:27:45
(2 months ago)
π¨ Recon detected (nft drop)
SRC=162.158.94.13
Observed=TCP dpt=80 in=enp0s6 ttl=59
Time=recent(journ ...
show more
π¨ Recon detected (nft drop)
SRC=162.158.94.13
Observed=TCP dpt=80 in=enp0s6 ttl=59
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
πΊπΈ
TPI-Abuse
2026-05-03 14:56:55
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 10:56:49.606222 2026] [security2:error] [pid 18356:tid 18356] [client 162.158.94.13:10389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aviil.com"] [uri "/.git/config"] [unique_id "afdiMaIILU-yr-0x9PhZTQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 22:37:57
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 18:37:51.581626 2026] [security2:error] [pid 4105358:tid 4105364] [client 162.158.94.13:13022] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.e-dome.ne.jp"] [uri "/.git/refs/heads/main"] [unique_id "adbYv-KqM9Y90ZLEpcEpJwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 04:05:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 00:05:29.089691 2026] [security2:error] [pid 2818398:tid 2818398] [client 162.158.94.13:10599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "baseball.jpwatters.net"] [uri "/.git/logs/HEAD"] [unique_id "adXUCZOso8kq7W5899J3lgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-04-06 04:05:33
(3 months ago)
Scanning/Probing (39)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-05 06:50:23
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 02:50:17.416778 2026] [security2:error] [pid 32385:tid 32385] [client 162.158.94.13:9619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.julecarey.com"] [uri "/.env.production"] [unique_id "adIGKaevkSZKMx2UGMSBUgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-04-04 18:10:54
(3 months ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-04 09:51:43
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 05:51:38.446473 2026] [security2:error] [pid 10482:tid 10562] [client 162.158.94.13:10260] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gipsonfinancialgroup.digital4z.com"] [uri "/.env.development"] [unique_id "adDfKkx3NXboZRlAYo1ImgAAAVM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-03 18:05:52
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 14:05:46.312754 2026] [security2:error] [pid 13763:tid 13763] [client 162.158.94.13:11308] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.armstrongpartnersllc.com"] [uri "/backend/.env"] [unique_id "adABesS1Fq6CWYmBg5TbzgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-04-03 06:06:22
(3 months ago)
Too many Status 40X (21)
Scanning/Probing (20)
Brute-Force
Web App Attack
π©πͺ
NewWavesApp
2026-04-03 03:11:48
(3 months ago)
(mod_security) mod_security triggered on hostname [redacted] 162.158.94.13 (US/United States/-): (C ...
show more
(mod_security) mod_security triggered on hostname [redacted] 162.158.94.13 (US/United States/-): (CF_ENABLE)
show less
SQL Injection
πΊπΈ
TPI-Abuse
2026-04-02 21:27:37
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.94.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 17:27:33.352854 2026] [security2:error] [pid 9741:tid 9741] [client 162.158.94.13:13289] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.momihom.com"] [uri "/.env"] [unique_id "ac7fRdXzPV3vKpTOm5L_4AAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack