๐บ๐ธ
FreeMyIP
2026-07-11 14:32:10
(5 days ago)
Automated fail2ban report: web application attack / scanning for exploitable paths.
Bad Web Bot
Web App Attack
๐ณ๐ด
jad-abuse
2026-07-08 01:53:29
(1 week ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. Observed by 1 sensor(s); 1 hits.
show less
Brute-Force
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-10 04:55:09
(1 month ago)
Wordpress malicious attack:[octaflood]
Web App Attack
Anonymous
2026-05-15 00:04:21
(2 months ago)
2026-05-15T02:04:18.786711+02:00 nimbus sshd[145374]: pam_unix(sshd:auth): authentication failure; l ...
show more
2026-05-15T02:04:18.786711+02:00 nimbus sshd[145374]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=172.71.164.83 user=root
2026-05-15T02:04:20.733100+02:00 nimbus sshd[145374]: Failed password for root from 172.71.164.83 port 26694 ssh2
...
show less
Brute-Force
SSH
๐ซ๐ท
masterguru
2026-04-06 09:41:43
(3 months ago)
Blocked Cloudflare Worker request. Pattern match "." at REQUEST_HEADERS:Cf-Worker. (5025-201)
Hacking
๐ซ๐ท
masterguru
2026-04-06 05:34:47
(3 months ago)
Blocked Cloudflare Worker request. Pattern match "." at REQUEST_HEADERS:cf-worker. (5025-196)
Hacking
๐ซ๐ท
dynamix
2026-04-05 00:30:09
(3 months ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 00:25:18
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 20:25:09.645708 2026] [security2:error] [pid 17325:tid 17325] [client 172.71.164.83:12442] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.attendantsfromhell.com"] [uri "/.git/logs/HEAD"] [unique_id "adGr5UdfDoH4-yoZ38QVXAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 07:14:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 03:14:21.491831 2026] [security2:error] [pid 9038:tid 9059] [client 172.71.164.83:12302] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bestfriendbob.richardleeweatherman.com"] [uri "/docker/.env"] [unique_id "adC6TQtIcG4c3n3R5Uy6BQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 04:25:37
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 00:25:29.682807 2026] [security2:error] [pid 20819:tid 20819] [client 172.71.164.83:10156] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.ralphharris.org"] [uri "/www/.env"] [unique_id "adCSuW80UrJxdjt3nGoefAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-03 23:01:58
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2026-04-03 20:37:25
(3 months ago)
Trying to access config files
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 18:16:50
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 14:16:41.505724 2026] [security2:error] [pid 13648:tid 13648] [client 172.71.164.83:10466] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.vn-hakunabtanaguan.biz"] [uri "/.env.development.local"] [unique_id "adAECT6pCEVgQu-JNCpZTwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-04-03 15:05:27
(3 months ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 04:51:52
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.83 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.83 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 00:51:43.801382 2026] [security2:error] [pid 20461:tid 20461] [client 172.71.164.83:13410] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.niximperial.com"] [uri "/.env.local"] [unique_id "ac9HX2T5_i0XM7Rz9jwJkAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack