๐ฉ๐ช
langenkamp-media
2026-07-09 21:19:20
(1 day ago)
Fail2Ban: Banned from jail nginx-nohome on 3dausdu.de
Web App Attack
๐บ๐ธ
mawan
2026-07-04 17:53:03
(6 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 20:59:10
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 16:59:03.172183 2026] [security2:error] [pid 21079:tid 21079] [client 172.70.240.87:11167] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.sparler.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.sparler.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "akbRF9eGh-CGHY0F6B5o_AAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 13:22:55
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 09:22:49.472774 2026] [security2:error] [pid 31972:tid 31972] [client 172.70.240.87:12921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nathsharmaandcompany.com"] [uri "/.git/config"] [unique_id "akZmKXbnR-VWUs0HaqUhuQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 11:22:04
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 07:21:59.095547 2026] [security2:error] [pid 31160:tid 31160] [client 172.70.240.87:13158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "georgewmartin.com"] [uri "/.git/config"] [unique_id "akZJ15wWd4YBkpXjRT9RZwAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 20:09:47
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 16:09:38.310083 2026] [security2:error] [pid 23254:tid 23254] [client 172.70.240.87:13804] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "smart1services.sophcomp.com"] [uri "/.env.dev"] [unique_id "ai25AijdoVKW4jvOoXjIyQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-06-11 03:56:03
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-05 22:24:44
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 18:24:38.872532 2026] [security2:error] [pid 4995:tid 4995] [client 172.70.240.87:11001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "treadbox.net"] [uri "/.git/config"] [unique_id "aiNMpsTCUZ1PXZYOKffceQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
chrisj
2026-06-04 18:46:17
(1 month ago)
[Thu Jun 04 18:45:44.976865 2026] [proxy_fcgi:error] [pid 201922:tid 201922] [client 172.70.240.87:1 ...
show more
[Thu Jun 04 18:45:44.976865 2026] [proxy_fcgi:error] [pid 201922:tid 201922] [client 172.70.240.87:11348] AH01071: Got error 'Primary script unknown', referer: http://www.vandogh.com/bless.php#888xyz999
[Thu Jun 04 18:46:16.507564 2026] [proxy_fcgi:error] [pid 202484:tid 202484] [client 172.70.240.87:10120] AH01071: Got error 'Primary script unknown', referer: http://www.vandogh.com/dex.php
[Thu Jun 04 18:46:16.810677 2026] [proxy_fcgi:error] [pid 202484:tid 202484] [client 172.70.240.87:10120] AH01071: Got error 'Primary script unknown', referer: http://www.vandogh.com//zwso.php
...
show less
Brute-Force
๐บ๐ธ
mnsf
2026-06-04 15:05:19
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 23:56:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 19:56:11.202617 2026] [security2:error] [pid 2160:tid 2160] [client 172.70.240.87:9732] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cuch.net"] [uri "/.git/config"] [unique_id "aiC_G2mEjaGk5pTpJJSbtgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 10:48:06
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 06:48:02.239171 2026] [security2:error] [pid 28576:tid 28576] [client 172.70.240.87:12677] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cubicearth.com"] [uri "/.git/config"] [unique_id "ah604uCez3aZ_9TXYGwaiAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 09:34:05
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 05:33:59.690135 2026] [security2:error] [pid 6111:tid 6111] [client 172.70.240.87:10501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "batfry.com"] [uri "/.git/config"] [unique_id "ah6jh7yIK266QUA36OgHpAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 09:05:53
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 05:05:46.770950 2026] [security2:error] [pid 27628:tid 27632] [client 172.70.240.87:11766] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "broadmoordermatology.com"] [uri "/.git/config"] [unique_id "ah6c6galG9o7yNkQimXgWQAAAEE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 22:45:18
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.240.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 18:44:10.536453 2026] [security2:error] [pid 10781:tid 10781] [client 172.70.240.87:11781] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.thewillsmith.anthonyjoseph.us|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.thewillsmith.anthonyjoseph.us"] [uri "/config/database.php.bak"] [unique_id "ahdzugltGHPQ7vHGvmn2vwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack