๐ท๐บ
DZBOT
2026-07-18 01:52:23
(6 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 15:53:49
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:53:42.763233 2026] [security2:error] [pid 9923:tid 9944] [client 172.71.164.98:12194] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wallstreetglobe.com"] [uri "/.git/config"] [unique_id "akaJhjVZ4nyFVi1il8mtHwAAAFM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 15:34:17
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:34:14.086940 2026] [security2:error] [pid 31893:tid 31893] [client 172.71.164.98:9523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trinidadlimo.com"] [uri "/.git/config"] [unique_id "akaE9m8HDt-MYgth6TYq9gAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 14:40:06
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 10:40:00.481492 2026] [security2:error] [pid 19099:tid 19099] [client 172.71.164.98:11891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tylerdroneservices.com"] [uri "/.git/config"] [unique_id "akZ4QFaa32y4IbcG3d3CKAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
omartin
2026-07-02 11:26:16
(2 weeks ago)
Critical Vulnerability Scan detected
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 10:45:06
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 06:44:59.589192 2026] [security2:error] [pid 10376:tid 10376] [client 172.71.164.98:11944] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dualspiralsystems.com"] [uri "/.git/config"] [unique_id "akZBK7fh6IGF6G3PXxg3ewAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
BiancaNL
2026-06-30 13:35:36
(2 weeks ago)
Fail2Ban: jail=nginx-exploit-probes on <fqdn> (port=<port>)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-27 17:02:28
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 13:02:24.035398 2026] [security2:error] [pid 25361:tid 25361] [client 172.71.164.98:10386] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rail-town.com"] [uri "/.git/config"] [unique_id "akACIHeKu2hpKdsK_vkpzwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-06-23 17:40:05
(3 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 12:25:51
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 08:25:45.153210 2026] [security2:error] [pid 29043:tid 29043] [client 172.71.164.98:9682] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.killigrewcompany.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.killigrewcompany.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ajp7SdXmc-XEuJ134-tTVAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
BiancaNL
2026-06-22 03:28:18
(3 weeks ago)
Fail2Ban: jail=nginx-exploit-probes on <fqdn> (port=<port>)
Hacking
๐ฉ๐ช
updown.io
2026-06-21 15:38:03
(3 weeks ago)
{"level":"info","ts":1782056270.6403015,"logger":"http.log.access.log1","msg":"handled request","req ...
show more
{"level":"info","ts":1782056270.6403015,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"172.71.164.98","remote_port":"10710","client_ip":"172.71.164.98","proto":"HTTP/1.1","method":"GET","host":"status.rehear.me","uri":"/wp-content/plugins/hellopress/wp_filemanager.php","headers":{"Cf-Ipcountry":["IT"],"Connection":["Keep-Alive"],"Accept-Encoding":["gzip"],"X-Forwarded-For":["4.232.80.255"],"Cf-Visitor":["{\"scheme\":\"http\"}"],"X-Forwarded-Proto":["http"],"Cf-Connecting-Ip":["4.232.80.255"],"Cf-Ray":["a0f418c6ea680e42-FRA"],"Cdn-Loop":["cloudflare; loops=1"]}},"bytes_read":0,"user_id":"","duration":0.000066847,"size":0,"status":308,"resp_headers":{"Content-Type":[],"Server":["Caddy"],"Connection":["close"],"Location":["https://status.rehear.me/wp-content/plugins/hellopress/wp_filemanager.php"]}}
{"level":"info","ts":1782056282.1848946,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"172.71.164.98","remote_port":"12175","c
...
show less
DDoS Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 05:30:48
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 01:30:40.774467 2026] [security2:error] [pid 19884:tid 19884] [client 172.71.164.98:9488] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.encoremtmorris.com"] [uri "/.git/config"] [unique_id "ajd3ABVutNQ4KjesWpseHwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-19 00:36:33
(4 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฉ๐ช
BiancaNL
2026-06-18 18:13:07
(4 weeks ago)
Fail2Ban: jail=nginx-exploit-probes on <fqdn> (port=<port>)
Hacking