Anonymous
2026-07-02 20:22:25
(10 hours ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 01:47:01
(3 days ago)
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 21:46:53.668770 2026] [security2:error] [pid 3814:tid 3814] [client 172.69.130.107:9793] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.soonerstone.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.soonerstone.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "akMgDeGlc5ZAEcuW-d2CdQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 15:19:47
(3 days ago)
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 11:19:44.453304 2026] [security2:error] [pid 17607:tid 17607] [client 172.69.130.107:13981] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.rendermatrix.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.rendermatrix.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "akKNEAvUU9r8iMZ57zfuvgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 20:14:47
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 16:14:44.281009 2026] [security2:error] [pid 23630:tid 23630] [client 172.69.130.107:12548] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "realtorpaul.buynorthwest.com"] [uri "/.env.old"] [unique_id "ajw6tExp0f4bgpuY0c9cNQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-18 15:49:40
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 11:49:34.417577 2026] [security2:error] [pid 12138:tid 12138] [client 172.69.130.107:9658] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.datedraft.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.datedraft.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ajQTjtNZ7JJA0sDfsDutCwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-06-16 21:59:51
(2 weeks ago)
Auto-ban: >3000 req/min op 2026-06-16
Web App Attack
SSH
Hacking
πΊπΈ
slay3r9903
2026-06-10 12:38:07
(3 weeks ago)
Web app scanning
Brute-Force
Port Scan
Anonymous
2026-06-02 11:04:37
(1 month ago)
Aggressive web scan
Web App Attack
Anonymous
2026-05-31 20:04:58
(1 month ago)
Aggressive web scan
Web App Attack
Anonymous
2026-05-27 08:44:38
(1 month ago)
Aggressive web scan
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-20 11:32:11
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 07:32:07.678514 2026] [security2:error] [pid 3514:tid 3514] [client 172.69.130.107:9853] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.thediscounttoolbox.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.thediscounttoolbox.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ag2bt9r32AzoiSdXuN0acQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-19 17:52:28
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 13:52:22.708563 2026] [security2:error] [pid 13952:tid 13952] [client 172.69.130.107:12724] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.launderpet.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.launderpet.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "agyjVhZA9wt73uSYTxJNkwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-11 00:38:41
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.130.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 20:38:36.236261 2026] [security2:error] [pid 1110:tid 1110] [client 172.69.130.107:10988] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.waggonerfinancial.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.waggonerfinancial.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "agElDMh9auv_lGrjvXgOgwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-06 18:54:48
(1 month ago)
Aggressive web scan
Web App Attack
Anonymous
2026-04-30 17:03:33
(2 months ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack