๐ซ๐ท
RootOPSOVH
2026-07-18 23:25:57
(7 hours ago)
GET /wp-admin/install.php?step=1 | UA: http://rootops.ovh/wp-admin/install.php?step=1
Web Spam
Bad Web Bot
Web App Attack
๐ฉ๐ช
on-com
2026-07-18 07:02:08
(1 day ago)
URL scan
Brute-Force
Web App Attack
๐ท๐บ
DZBOT
2026-07-16 16:37:03
(2 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 10:55:49
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 06:55:44.884650 2026] [security2:error] [pid 16967:tid 16967] [client 172.70.248.49:9753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rntoday.com"] [uri "/.git/config"] [unique_id "ali4sBn8z_8vO8ja6EuepAAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
on-com
2026-07-16 06:10:50
(3 days ago)
URL scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 10:14:19
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 06:13:52.029986 2026] [security2:error] [pid 6820:tid 6820] [client 172.70.248.49:14233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.km-link.gisur.com"] [uri "/.env.save"] [unique_id "alddYIL16LtSAURzd_gEWgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 08:40:43
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 04:40:14.658750 2026] [security2:error] [pid 27323:tid 27370] [client 172.70.248.49:10529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stock-footage-8mm.credit-card-cap.com"] [uri "/.env.backup"] [unique_id "aldHbr3B5QzrVtIgGZd0AwAAAM0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
RootOPSOVH
2026-07-13 16:05:17
(5 days ago)
GET /wp-admin/install.php?step=1 | UA: http://rootops.ovh/wp-admin/install.php?step=1
Web Spam
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 15:02:51
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:02:45.435632 2026] [security2:error] [pid 6512:tid 6512] [client 172.70.248.49:12053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "styxtake2.com"] [uri "/.git/config"] [unique_id "akZ9lf6kAUCcS9kgh_9sTAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 12:38:06
(2 weeks ago)
(mod_security) mod_security (id:949110) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:949110) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 08:37:59.401236 2026] [security2:error] [pid 26117:tid 26117] [client 172.70.248.49:13998] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "lenukuhivabookings.com"] [uri "/.git/config"] [unique_id "akZbp7bbTemecBcDKpYZkwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 17:14:00
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 13:13:53.136642 2026] [security2:error] [pid 30491:tid 30491] [client 172.70.248.49:11337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dancingbearprinting.com"] [uri "/.git/config"] [unique_id "aiRVUauqXJndcDgsfNRrYAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 07:45:41
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 03:45:37.428085 2026] [security2:error] [pid 32113:tid 32113] [client 172.70.248.49:12071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leonardodecaprio.com"] [uri "/.git/config"] [unique_id "ah6KIUwDTttWWUQe6_dSDAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 07:25:01
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.248.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 03:24:57.349254 2026] [security2:error] [pid 392:tid 392] [client 172.70.248.49:12539] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "assistfeed.com"] [uri "/.git/config"] [unique_id "ah6FSeLbwKh_xljkSe-sEwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
zynex
2026-05-24 14:43:08
(1 month ago)
URL Probing: /wp-admin/install.php
Web App Attack
๐ฉ๐ช
on-com
2026-05-24 08:39:01
(1 month ago)
URL scan
Brute-Force
Web App Attack