π©πͺ
BiancaNL
2026-07-02 20:08:05
(5 days ago)
Fail2Ban: jail=nginx-exploit-probes on <fqdn> (port=<port>)
Hacking
πΊπΈ
TPI-Abuse
2026-07-02 13:31:40
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 09:31:34.934721 2026] [security2:error] [pid 4103:tid 4103] [client 172.70.247.214:12305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dave-curtis.com"] [uri "/.git/config"] [unique_id "akZoNkJBEGfSk92hTHCqFQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
ut-addicted.com
2026-06-02 10:54:48
(1 month ago)
\[Tue Jun 02 12:54:46.930719 2026\] \[:error\] \[pid 26936:tid 139785821722368\] \[client 172.70.247 ...
show more
\[Tue Jun 02 12:54:46.930719 2026\] \[:error\] \[pid 26936:tid 139785821722368\] \[client 172.70.247.214:12195\] \[client 172.70.247.214\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "ut-addicted.com"\] \[uri "/.git/config"\] \[unique_id "ah62djClaqi3EpPdlXw3ZAAAAMg"\]
show less
Brute-Force
Web App Attack
π³π±
homeshowdomain.nl
2026-05-29 21:59:32
(1 month ago)
Auto-ban: >3000 req/min op 2026-05-29
Web App Attack
SSH
Hacking
π©πͺ
www.mammazone.it
2026-04-08 22:30:47
(2 months ago)
[Thu Apr 09 00:30:46.063024 2026] [proxy_fcgi:error] [pid 1864177] [client 172.70.247.214:9926] AH01 ...
show more
[Thu Apr 09 00:30:46.063024 2026] [proxy_fcgi:error] [pid 1864177] [client 172.70.247.214:9926] AH01071: Got error 'Primary script unknown'
...
show less
Hacking
Web App Attack
π³π±
jjnxpct
2026-04-02 03:49:33
(3 months ago)
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ...
show more
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env.php (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env.php]
show less
Web App Attack
Hacking
πΊπΈ
TPI-Abuse
2026-04-01 20:24:57
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 16:24:51.663602 2026] [security2:error] [pid 19752:tid 19752] [client 172.70.247.214:10065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gazeboweddinginvitations.com"] [uri "/.env"] [unique_id "ac1_E2sKG54WW6fco5syeAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 11:24:07
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 07:24:00.083134 2026] [security2:error] [pid 9972:tid 9972] [client 172.70.247.214:14211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scothorn.net"] [uri "/.env.dev.local"] [unique_id "acpdUPgluzfOVIqdzLdmBwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
abdubhai
2026-03-30 10:15:44
(3 months ago)
172.70.247.214 - - [30/Mar/2026:
...
Brute-Force
πΊπΈ
TPI-Abuse
2026-03-29 22:07:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 18:07:31.167953 2026] [security2:error] [pid 31226:tid 31226] [client 172.70.247.214:10275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bespoke-ss.com"] [uri "/.git/refs/heads/main"] [unique_id "acmio4CkGY1C-6wp8E2BswAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-03-29 22:06:29
(3 months ago)
Scanning/Probing (18)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-29 21:22:26
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 17:22:22.139764 2026] [security2:error] [pid 9316:tid 9316] [client 172.70.247.214:12347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.mukau.com"] [uri "/.git/refs/heads/master"] [unique_id "acmYDga31W-SSdlWpKEDqAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-03-29 18:07:13
(3 months ago)
Blocked Cloudflare Worker request. Pattern match "." at REQUEST_HEADERS:cf-worker. (5025-196)
Hacking
Anonymous
2026-03-25 14:50:13
(3 months ago)
| SQL injection attempt.
Web App Attack
Hacking
SQL Injection
πΊπΈ
TPI-Abuse
2026-03-21 02:12:37
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.247.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 22:12:32.967963 2026] [security2:error] [pid 4943:tid 4943] [client 172.70.247.214:11379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.freedomrailroad.com.coolingsprings.org"] [uri "/.env_secret"] [unique_id "ab3-kMkL0saEtyub-BLNRQAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack