๐บ๐ธ
TPI-Abuse
2026-07-02 12:22:33
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 172.68.195.197 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.195.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 08:22:29.695548 2026] [security2:error] [pid 19151:tid 19151] [client 172.68.195.197:11167] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sarahgrammer.com"] [uri "/.git/config"] [unique_id "akZYBXqQA13gMTIvrw5qtwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 23:28:08
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.68.195.197 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.195.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 19:27:57.332838 2026] [security2:error] [pid 27785:tid 27785] [client 172.68.195.197:10045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rvtrips.robin5on.com"] [uri "/.env.old"] [unique_id "ajxn_QAs5lxWnNFaz-Wd6QAAABc"], referer: https://www.google.com/search?q=rvtrips.robin5on.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
OptimusGO
2026-06-22 02:02:13
(1 week ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-06-22 03:02:13 UTC
Log evidence:
06/22/2026-03:02:12.719589 [**] [1:1000103:1] SECURITY Management Port Probe - CRITICAL [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 172.68.195.197:11943 -> 185.127.18.66:8443
show less
Port Scan
Brute-Force
๐ท๐บ
DZBOT
2026-06-13 22:48:42
(2 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฉ๐ช
abdubhai
2026-06-11 05:07:10
(3 weeks ago)
172.68.195.197 - - [11/Jun/2026:
...
Brute-Force
Anonymous
2026-06-09 14:55:19
(3 weeks ago)
[Drupal AbuseIPDB module] Request path is blacklisted. /wp-admin/install.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 00:04:32
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.68.195.197 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.195.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 20:04:25.077211 2026] [security2:error] [pid 5383:tid 5383] [client 172.68.195.197:13389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.progressivefileshare.org"] [uri "/.env.dist"] [unique_id "aidYiazH_4_G0n3GGXm1FwAAACc"], referer: https://www.google.com/search?q=webmail.progressivefileshare.org
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-06 04:06:46
(3 weeks ago)
Wordpress malicious attack:[octawp]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 15:31:38
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.68.195.197 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.195.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 11:31:28.488620 2026] [security2:error] [pid 21215:tid 21215] [client 172.68.195.197:13022] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pocosfarm.com"] [uri "/.git/config"] [unique_id "ah73UOz6H7AnZV5Eu4d2ZwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-02 13:06:23
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-05-29 04:06:15
(1 month ago)
Wordpress malicious attack:[octawp]
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-05-27 04:20:16
(1 month ago)
Wordpress malicious attack:[octawp]
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-05-26 04:13:55
(1 month ago)
Wordpress malicious attack:[octawp]
Web App Attack
Anonymous
2026-05-21 02:54:45
(1 month ago)
(caddyscan) Scanner path probe from 172.68.195.197 (DE/Germany/-): 5 in the last 3600 secs; Ports: * ...
show more
(caddyscan) Scanner path probe from 172.68.195.197 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 172.68.195.197 - - [21/May/2026:02:20:18 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.68.195.197 - - [21/May/2026:02:39:40 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.68.195.197 - - [21/May/2026:02:49:14 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.68.195.197 - - [21/May/2026:02:52:28 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.68.195.197 - - [21/May/2026:02:54:42 +0000] "GET /.git/config HTTP/1.1"
show less
Port Scan
๐ท๐บ
DZBOT
2026-05-20 16:12:54
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack