๐ณ๐ด
jad-abuse
2026-07-08 04:36:09
(1 day ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. Observed by 1 sensor(s); 1 hits.
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 15:57:53
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:57:49.723259 2026] [security2:error] [pid 5172:tid 5172] [client 172.71.144.53:11250] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heinzmail.com"] [uri "/.git/config"] [unique_id "akaKfRvOLYOouZqEW76fQwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 12:05:30
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 08:05:22.590896 2026] [security2:error] [pid 10844:tid 10844] [client 172.71.144.53:12791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ronniescedarinn.com"] [uri "/.git/config"] [unique_id "akZUAkethjXt55p4L4N35wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฏ๐ต
Kinsei Engineering Inc.
2026-06-25 13:40:48
(1 week ago)
UFW:High-frequency access to unused ports
Port Scan
๐บ๐ธ
johnkarlhill
2026-06-24 16:43:05
(2 weeks ago)
WebKnight blocked malicious web request on johnkarlhill.com
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-06-19 16:03:27
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 12:03:21.994360 2026] [security2:error] [pid 12129:tid 12135] [client 172.71.144.53:12021] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "houston-plastic-surgeon.aafm.us"] [uri "/.git/config"] [unique_id "ajVoSRZdohc3R-mxiLuZGAAAAYM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐น
vikal
2026-06-15 11:51:19
(3 weeks ago)
172.71.144.53 - - [15/Jun/2026:13:51:18 +0200] "GET /admin HTTP/1.1" 200 4768 "-" "Mozilla/5.0 (Maci ...
show more
172.71.144.53 - - [15/Jun/2026:13:51:18 +0200] "GET /admin HTTP/1.1" 200 4768 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15"
...
show less
Brute-Force
SSH
๐บ๐ธ
xxkodedxx
2026-06-06 23:53:51
(1 month ago)
[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost)
Trigger: 1ร edge-block in 10 ...
show more
[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost)
Trigger: 1ร edge-block in 10m window.
Origin: DE / AS13335 Cloudflare, Inc.
Active: 23:53:16 UTC
Volume: 1 HTTP req
Probed: /.git/config
Status mix: 444ร1
Vhost fishing: cards.zvxlabs.com
UA: "Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 Version/17.0 Mobile Safari/604.1"
Auto-banned 30d. zorvexus-banner.
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 19:17:10
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 15:17:02.245188 2026] [security2:error] [pid 26810:tid 26820] [client 172.71.144.53:9962] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gapm.eu"] [uri "/.git/config"] [unique_id "aiHPLk4W5Gk8EwBiwAg1qwAAAQY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 02:24:36
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 22:24:30.481944 2026] [security2:error] [pid 3778:tid 3778] [client 172.71.144.53:12376] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewhispertwins.com"] [uri "/.git/config"] [unique_id "aiDh3uO6SeVOew63tiSiUAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-02 17:05:06
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 14:04:32
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.144.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 10:04:29.594335 2026] [security2:error] [pid 18231:tid 18238] [client 172.71.144.53:13386] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "themarketplacelb.com"] [uri "/.git/config"] [unique_id "ah7i7aJozyhZKsAskKUjhAAAAUU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-05-26 05:50:00
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
Anonymous
2026-05-21 02:53:55
(1 month ago)
(caddyscan) Scanner path probe from 172.71.144.53 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; ...
show more
(caddyscan) Scanner path probe from 172.71.144.53 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 172.71.144.53 - - [21/May/2026:02:26:48 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.71.144.53 - - [21/May/2026:02:39:49 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.71.144.53 - - [21/May/2026:02:52:27 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.71.144.53 - - [21/May/2026:02:53:16 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.71.144.53 - - [21/May/2026:02:53:54 +0000] "GET /.git/config HTTP/1.1"
show less
Port Scan
๐บ๐ธ
octageeks.com
2026-05-13 04:06:26
(1 month ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack