π©πͺ
langenkamp-media
2026-07-05 20:17:07
(4 hours ago)
Fail2Ban: Banned from jail nginx-nohome on 3dausdu.de
Web App Attack
π©πͺ
on-com
2026-07-03 12:07:01
(2 days ago)
URL scan
Brute-Force
Web App Attack
π·πΊ
DZBOT
2026-07-03 04:16:59
(2 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 09:50:19
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 172.69.150.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.150.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:50:10.964520 2026] [security2:error] [pid 30352:tid 30352] [client 172.69.150.250:11206] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brbvip.com"] [uri "/.git/config"] [unique_id "akY0Uv8AXFDUlh01s5iCkgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 03:31:32
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 172.69.150.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.150.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 23:31:26.051771 2026] [security2:error] [pid 23337:tid 23337] [client 172.69.150.250:10964] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.deckmasterscompany.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.deckmasterscompany.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "akM4jsX_yECxNCYtxfVEGQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 01:35:00
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.69.150.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.150.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 21:34:54.865023 2026] [security2:error] [pid 25905:tid 25905] [client 172.69.150.250:10654] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cedula3.com"] [uri "/.env.dist"] [unique_id "akB6PpgYF5C7N_PPrDQhLgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-26 06:29:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.69.150.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.150.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 02:29:02.227728 2026] [security2:error] [pid 19697:tid 19697] [client 172.69.150.250:12872] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jinglybits.com"] [uri "/.git/config"] [unique_id "aj4cLkhA65ClAeUxa-IhfQAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
langenkamp-media
2026-06-25 22:13:29
(1 week ago)
Fail2Ban: Banned from jail nginx-nohome on 3dausdu.de
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 23:58:25
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.69.150.250 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.150.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 19:58:18.351625 2026] [security2:error] [pid 10397:tid 10397] [client 172.69.150.250:12817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sabecocont.com"] [uri "/.env.sample"] [unique_id "ajxvGvsVZRikMn4AvY-UygAAAAg"], referer: https://www.google.com/search?q=sabecocont.com
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
langenkamp-media
2026-06-21 06:46:39
(2 weeks ago)
Fail2Ban: Banned from jail nginx-nohome on 3dausdu.de
Web App Attack
π§π·
maviei
2026-06-11 11:44:44
(3 weeks ago)
2026-06-11T08:44:41.272939-03:00 srv1251771 kernel: [945111.577992] [UFW BLOCK] IN=eth0 OUT= MAC=40: ...
show more
2026-06-11T08:44:41.272939-03:00 srv1251771 kernel: [945111.577992] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.69.150.250 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=65079 DF PROTO=TCP SPT=14069 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
2026-06-11T08:44:42.298863-03:00 srv1251771 kernel: [945112.603844] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.69.150.250 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=65080 DF PROTO=TCP SPT=14069 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
2026-06-11T08:44:43.322555-03:00 srv1251771 kernel: [945113.627403] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.69.150.250 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=65081 DF PROTO=TCP SPT=14069 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
...
show less
Port Scan
π©πͺ
langenkamp-media
2026-06-08 17:35:20
(3 weeks ago)
Fail2Ban: Banned from jail nginx-nohome on 3dausdu.de
Web App Attack
π·πΊ
DZBOT
2026-06-08 13:02:47
(3 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
π©πͺ
4server
2026-06-04 00:47:53
(1 month ago)
[ThuJun0402:47:49.1534452026][security2:error][pid2533945:tid2534072][client172.69.150.250:0]ModSecu ...
show more
[ThuJun0402:47:49.1534452026][security2:error][pid2533945:tid2534072][client172.69.150.250:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\|wget\|python\|nikto\|sqlmap\|acunetix\|fimap\|dirbuster\|cmsmap\)\"atREQUEST_HEADERS:user-agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"tourkomanis.ch\"][uri\"/.git/config\"][unique_id\"aiDLNUaFjSMqTANgDLL-VQAAAJA\"]
show less
Port Scan
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-06-02 23:05:34
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack