๐บ๐ธ
mawan
2026-07-03 01:39:17
(8 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 18:29:28
(15 hours ago)
(mod_security) mod_security (id:210730) triggered by 172.71.120.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.71.120.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 14:29:23.044314 2026] [security2:error] [pid 15268:tid 15268] [client 172.71.120.154:13918] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.pelicancovecondo.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.pelicancovecondo.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "akauA6N2xhU-NcNuj1PJMwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐ฑ
router.al
2026-07-02 17:02:45
(16 hours ago)
07/02/2026-17:02:45.348831 172.71.120.154 Protocol: 6 ET SCAN LeakIX Inbound User-Agent
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-01 13:34:35
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 172.71.120.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.71.120.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:34:31.172011 2026] [security2:error] [pid 1602:tid 1602] [client 172.71.120.154:12780] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.rohn.com|F|2"] [data "[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.rohn.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "akUXZwgoH2i9HvHdUDI7wwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2026-06-30 12:23:42
(2 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mawan
2026-06-27 23:34:00
(5 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mawan
2026-06-26 19:21:00
(6 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mawan
2026-06-24 17:42:04
(1 week ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-22 22:00:31
(1 week ago)
Auto-ban: >3000 req/min op 2026-06-22
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-22 11:19:24
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.71.120.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.120.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 07:19:21.068806 2026] [security2:error] [pid 17355:tid 17355] [client 172.71.120.154:13876] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sawted.com"] [uri "/.env.old"] [unique_id "ajkaOfhiju15g5TloudK4QAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
www.mammazone.it
2026-06-18 05:09:17
(2 weeks ago)
[Thu Jun 18 07:09:12.786534 2026] [proxy_fcgi:error] [pid 1303732] [client 172.71.120.154:13579] AH0 ...
show more
[Thu Jun 18 07:09:12.786534 2026] [proxy_fcgi:error] [pid 1303732] [client 172.71.120.154:13579] AH01071: Got error 'Primary script unknown'
[Thu Jun 18 07:09:17.602119 2026] [proxy_fcgi:error] [pid 1303732] [client 172.71.120.154:13579] AH01071: Got error 'Primary script unknown'
...
show less
Hacking
๐บ๐ธ
mawan
2026-06-17 15:20:01
(2 weeks ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 06:25:27
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 172.71.120.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.71.120.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 02:25:20.385283 2026] [security2:error] [pid 27782:tid 27782] [client 172.71.120.154:11248] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.milajarecords.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.milajarecords.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ai5JUJHWNnntp_rZJ5YqQgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-10 07:05:17
(3 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ฌ๐ง
Axel
2026-06-09 04:34:45
(3 weeks ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01
show less
Web App Attack
Hacking
SQL Injection