๐บ๐ธ
mawan
2026-07-08 02:35:20
(1 hour ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 14:21:38
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 10:21:31.436093 2026] [security2:error] [pid 14917:tid 14917] [client 172.71.164.33:13406] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rockitfish.com"] [uri "/.git/config"] [unique_id "akZz63tgNwYjsQ1MyWQqBgAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 12:47:24
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 08:47:20.422349 2026] [security2:error] [pid 28077:tid 28077] [client 172.71.164.33:10675] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "churchtop.com"] [uri "/.git/config"] [unique_id "akZd2LQ0dFdJDxJZ20obMAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 11:34:05
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 07:33:57.098969 2026] [security2:error] [pid 31791:tid 31791] [client 172.71.164.33:13424] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gwdailey.com"] [uri "/.git/config"] [unique_id "akZMpbYZgBBfNOOzFXy7-AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Actors.Bible
2026-06-23 09:44:32
(2 weeks ago)
Webapp Vulnerability Probing:
GET /.git/config
Web App Attack
๐ณ๐ด
jad-abuse
2026-06-17 13:22:43
(2 weeks ago)
ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. Ob ...
show more
ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. Observed by 1 sensor(s); 2 hits.
show less
Brute-Force
Web App Attack
๐ท๐บ
DZBOT
2026-06-13 21:17:51
(3 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฉ๐ช
Kreapptivo
2026-06-08 09:03:23
(4 weeks ago)
172.71.164.33 - - [08/Jun/2026:11:03:19 +0200] "GET /.git/config HTTP/2.0" 404 801 "-" "Mozilla/5.0 ...
show more
172.71.164.33 - - [08/Jun/2026:11:03:19 +0200] "GET /.git/config HTTP/2.0" 404 801 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/127.0 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 02:47:38
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:47:34.258801 2026] [security2:error] [pid 3096:tid 3096] [client 172.71.164.33:13364] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alkymera.com"] [uri "/.git/config"] [unique_id "aiYtRkOUEMrnPJNQAOw6FAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-04 06:06:43
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 16:17:03
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 12:16:56.354578 2026] [security2:error] [pid 21868:tid 21868] [client 172.71.164.33:10066] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "instituteofscience.com"] [uri "/.git/config"] [unique_id "ah8B-I_1kkV4Gusz7o7d6gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 15:50:00
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 11:49:55.553727 2026] [security2:error] [pid 13896:tid 13896] [client 172.71.164.33:11298] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honigcpa.com"] [uri "/.git/config"] [unique_id "ah77o61w5m8r-gViAooMXwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 10:52:07
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 06:52:01.452207 2026] [security2:error] [pid 16417:tid 16417] [client 172.71.164.33:9719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dogandponyband.com"] [uri "/.git/config"] [unique_id "ah610WqSwjRTbRR_Q5rTUAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-02 03:05:36
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 02:52:51
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 22:52:46.421212 2026] [security2:error] [pid 12099:tid 12158] [client 172.71.164.33:14055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "steedtimber.com"] [uri "/.git/config"] [unique_id "ah5Ffq6R9tQLnp5ZLOWTNQAAAVU"]
show less
Brute-Force
Bad Web Bot
Web App Attack