Anonymous
2026-06-14 09:12:41
(2 weeks ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-06-14 01:14:31
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.215.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.215.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 21:14:26.163619 2026] [security2:error] [pid 10983:tid 10999] [client 172.215.211.21:35635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.124"] [uri "/.git/HEAD"] [unique_id "ai4ActIjgH3cuDkWZAlexgAAAI4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Admins@FBN
2026-06-14 01:14:10
(2 weeks ago)
FW-PortScan: Traffic Blocked srcport=35625 dstport=2087
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-14 00:32:03
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.215.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.215.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 20:31:55.694711 2026] [security2:error] [pid 9415:tid 9415] [client 172.215.211.21:35630] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.121"] [uri "/.git/HEAD"] [unique_id "ai32ew2qbqFclKUynNfaqwAAAFE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐ธ
Scan
2026-06-13 23:59:23
(2 weeks ago)
MultiHost/MultiPort Probe, Scan, Hack -
Port Scan
Hacking
๐บ๐ธ
MPL
2026-06-13 23:03:46
(2 weeks ago)
tcp port scan (9 or more attempts)
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-13 22:37:04
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.215.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.215.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 18:36:58.476689 2026] [security2:error] [pid 7918:tid 7918] [client 172.215.211.21:36558] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.165"] [uri "/.git/HEAD"] [unique_id "ai3bihBboe-dIk1yK9VXjgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 22:00:23
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 172.215.211.21 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.215.211.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 18:00:19.076711 2026] [security2:error] [pid 27304:tid 27304] [client 172.215.211.21:35734] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||192.64.150.216|F|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "192.64.150.216"] [uri "/.env.backup"] [unique_id "ai3S82791vKvpQZhLuijRgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-13 20:43:19
(2 weeks ago)
Sensitive file access attempt
Hacking
๐ฐ๐ท
enp0s1
2026-06-13 20:34:21
(2 weeks ago)
Auto-reported by Fail2Ban (UFW Block, Port Scan)
Port Scan
๐ฉ๐ช
kkeyser
2026-06-13 19:49:14
(2 weeks ago)
GET /.env HTTP/1.1
Web App Attack
๐ญ๐ฐ
i553041
2026-06-13 19:37:36
(2 weeks ago)
172.215.211.21 - - [14/Jun/2026:03:37:21 +0800] "GET /.git/HEAD HTTP/1.1" 404 125 "-" "Mozilla/5.0 ( ...
show more
172.215.211.21 - - [14/Jun/2026:03:37:21 +0800] "GET /.git/HEAD HTTP/1.1" 404 125 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"
172.215.211.21 - - [14/Jun/2026:03:37:22 +0800] "GET /.git/config HTTP/1.1" 404 125 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15"
172.215.211.21 - - [14/Jun/2026:03:37:22 +0800] "GET /.env HTTP/1.1" 404 187 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0"
172.215.211.21 - - [14/Jun/2026:03:37:23 +0800] "GET /.env.local HTTP/1.1" 404 187 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
172.215.211.21 - - [14/Jun/2026:03:37:23 +0800] "GET /.env.production HTTP/1.1" 404 187 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
172
...
show less
Brute-Force
SSH
๐ฎ๐ฉ
sockominfo
2026-01-20 19:00:06
(5 months ago)
Suspicious user agent detected Python/3.9 aiohttp/3.10.6. Threat Score: 3.8/10 (LOW). CVSS: 2.7/10 ( ...
show more
Suspicious user agent detected Python/3.9 aiohttp/3.10.6. Threat Score: 3.8/10 (LOW). CVSS: 2.7/10 (Low). Bayesian: 40%. MITRE: T1016. Reported by TangerangKota-CSIRT
show less
Hacking
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-01-20 17:00:05
(5 months ago)
Suspicious user agent detected Python/3.9 aiohttp/3.10.6. Threat Score: 3.8/10 (LOW). CVSS: 2.7/10 ( ...
show more
Suspicious user agent detected Python/3.9 aiohttp/3.10.6. Threat Score: 3.8/10 (LOW). CVSS: 2.7/10 (Low). Bayesian: 38%. MITRE: T1016. Reported by TangerangKota-CSIRT
show less
Hacking
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-01-20 16:00:22
(5 months ago)
Suspicious user agent detected Python/3.9 aiohttp/3.10.6. Threat Score: 0/10 (INFORMATIONAL). Report ...
show more
Suspicious user agent detected Python/3.9 aiohttp/3.10.6. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT
show less
Hacking
Web App Attack