๐บ๐ธ
mawan
2026-07-07 23:46:04
(9 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐จ๐ญ
ALPHANET
2026-07-07 06:58:07
(1 day ago)
web exploits
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 12:00:27
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 08:00:22.005197 2026] [security2:error] [pid 3812:tid 3812] [client 172.71.172.81:10752] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jazzclubla.com"] [uri "/.git/config"] [unique_id "akZS1sbchc6woGZJrh-f4gAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ท
maviei
2026-06-22 15:03:59
(2 weeks ago)
2026-06-22T12:03:56.220277-03:00 srv1251771 kernel: [1907463.987159] [UFW BLOCK] IN=eth0 OUT= MAC=40 ...
show more
2026-06-22T12:03:56.220277-03:00 srv1251771 kernel: [1907463.987159] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.71.172.81 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=62374 DF PROTO=TCP SPT=9708 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
2026-06-22T12:03:57.240625-03:00 srv1251771 kernel: [1907465.010558] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.71.172.81 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=62375 DF PROTO=TCP SPT=9708 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
2026-06-22T12:03:58.265586-03:00 srv1251771 kernel: [1907466.032571] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=172.71.172.81 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=62376 DF PROTO=TCP SPT=9708 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
...
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-16 05:26:22
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 01:26:17.574785 2026] [security2:error] [pid 2720:tid 2720] [client 172.71.172.81:10889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gaksato.com"] [uri "/.git/config"] [unique_id "ajDeee5kV8xjQI7bM1kt3gAAADA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Rip
2026-06-15 11:03:37
(3 weeks ago)
Restricted File Access Attempts
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 20:19:14
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 16:19:08.388244 2026] [security2:error] [pid 26854:tid 26854] [client 172.71.172.81:12218] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mariettacaseyclub.org"] [uri "/.git/config"] [unique_id "aiHdvBKCo_oxBSO-CKxDgQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 21:35:31
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 17:35:28.732159 2026] [security2:error] [pid 5608:tid 5613] [client 172.71.172.81:9497] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gafmboard.com"] [uri "/.git/config"] [unique_id "ah9MoLo6uP97usmbE2YQMwAAAQE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 13:11:02
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 09:10:55.876853 2026] [security2:error] [pid 22275:tid 22275] [client 172.71.172.81:11798] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jackieherbach.com"] [uri "/.git/config"] [unique_id "ah7WX64R0yga7RunlhpROQAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-02 08:06:47
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-29 22:06:38
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-28.
show less
Web App Attack
SSH
Hacking
๐ฉ๐ช
acadeova
2026-05-29 08:34:21
(1 month ago)
๐จ Recon detected (nft drop)
SRC=172.71.172.81
Observed=TCP dpt=80 in=enp0s6 ttl=59
Time=recent(journ ...
show more
๐จ Recon detected (nft drop)
SRC=172.71.172.81
Observed=TCP dpt=80 in=enp0s6 ttl=59
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-28 12:20:18
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.172.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 08:20:14.774938 2026] [security2:error] [pid 15290:tid 15290] [client 172.71.172.81:11794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.marcosmelero.com"] [uri "/.git/config"] [unique_id "ahgy_vfyK0nlgNuVlbplzQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-05-25 12:05:07
(1 month ago)
Too many Status 40X (12)
Brute-Force
Web App Attack
๐ท๐บ
DZBOT
2026-05-23 19:34:35
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack