πΊπΈ
TPI-Abuse
2026-07-13 14:22:54
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 10:22:48.007937 2026] [security2:error] [pid 12607:tid 12607] [client 172.69.130.18:14079] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.matteozacchino.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.matteozacchino.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "alT0uLbI5ShWdxY5CdBPVgAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π―π΅
S.O.B.A. Dev.
2026-07-10 00:33:08
(6 days ago)
Persistent port scanning or vulnerability scanning
Port Scan
Anonymous
2026-06-30 12:44:06
(2 weeks ago)
Web App Attack
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-21 01:21:26
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 21:21:20.589366 2026] [security2:error] [pid 1512:tid 1512] [client 172.69.130.18:11513] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bosch.pamplonaserviciotecnico.com"] [uri "/.git/HEAD"] [unique_id "ajc8kLFDQaZQDbYHhuKqiwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-16 14:10:58
(4 weeks ago)
172.69.130.18 - - > tecnicman.com [16/Jun/2026:16:10:43 +0200] "POST /xmlrpc.php HTTP/2.0" 301 162 " ...
show more
172.69.130.18 - - > tecnicman.com [16/Jun/2026:16:10:43 +0200] "POST /xmlrpc.php HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0" "2a02:c204:2273:4472::1"
172.69.130.18 - - > tecnicman.com [16/Jun/2026:16:10:49 +0200] "POST /wordpress/xmlrpc.php HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0" "2a02:c204:2273:4472::1"
172.69.130.18 - - > tecnicman.com [16/Jun/2026:16:10:54 +0200] "POST /news/xmlrpc.php HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0" "2a02:c204:2273:4472::1"
172.69.130.18 - - > tecnicman.com [16/Jun/2026:16:10:56 +0200] "POST /web/xmlrpc.php HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" "2a02:c204:2273:4472::1"
172.69.130.18 - - > tecnicman.com [16/Jun/2026:16:10:58 +0200] "POST /main/xmlrpc.php HTTP/2
...
show less
Hacking
Bad Web Bot
Web App Attack
π²π½
octageeks.com
2026-06-10 04:34:24
(1 month ago)
Wordpress malicious attack:[octaflood]
Web App Attack
πΊπΈ
mnsf
2026-06-09 07:05:14
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-06-04 05:06:20
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-02 11:00:30
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 07:00:24.329959 2026] [security2:error] [pid 16958:tid 16974] [client 172.69.130.18:12700] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.southtampaprinting.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.southtampaprinting.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ah63yL8JmankIzU1vsrKswAAAU4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-21 18:43:09
(1 month ago)
Web App Attack
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-20 11:01:02
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 07:00:58.573112 2026] [security2:error] [pid 1604:tid 1604] [client 172.69.130.18:11185] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.oglesbyproductions.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.oglesbyproductions.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ag2Uaj0pIX416r50SvWIfQAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-14 22:04:37
(3 months ago)
Web App Attack
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 11:55:18
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 07:55:02.280192 2026] [security2:error] [pid 2600334:tid 2600334] [client 172.69.130.18:11479] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psicotanato.com.mx.elpais.mx"] [uri "/.env~"] [unique_id "adZCFupvuurqGMdlpdRb9QAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 05:49:25
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 01:49:21.270632 2026] [security2:error] [pid 1943724:tid 1943724] [client 172.69.130.18:12324] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cmcnow.net"] [uri "/.env.production"] [unique_id "adXsYeo79_5NmKJZhWiLaAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-07 13:49:53
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 09:49:49.422914 2026] [security2:error] [pid 1210656:tid 1210763] [client 172.69.130.18:9555] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.petsentiments.com"] [uri "/.env.production"] [unique_id "adULfVbLN7qjtz-_viy-AgAAARc"]
show less
Brute-Force
Bad Web Bot
Web App Attack