๐บ๐ธ
mawan
2026-07-07 05:56:17
(13 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ซ๐ท
dynamix
2026-07-02 09:33:25
(5 days ago)
Multiple WAF Violations
Web App Attack
Anonymous
2026-06-26 22:56:51
(1 week ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 08:52:19
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.71.232.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.232.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 04:52:14.502275 2026] [security2:error] [pid 11127:tid 11127] [client 172.71.232.142:10927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mtbpv.org"] [uri "/.git/config"] [unique_id "aj49vplS0FTU3XvTQaFPdgAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-22 14:07:19
(2 weeks ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 11:34:51
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.232.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.232.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 07:34:47.855020 2026] [security2:error] [pid 10033:tid 10042] [client 172.71.232.142:10670] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gwgfamily.giere.us"] [uri "/.git/config"] [unique_id "ajKGVw2ZQycsYff-qfAcwgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-16 03:05:54
(3 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
Anonymous
2026-06-09 11:00:04
(4 weeks ago)
| Multiple common web attacks from same source ip. (multiple servers)
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-08 18:04:21
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.232.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.232.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 14:04:17.991198 2026] [security2:error] [pid 19160:tid 19183] [client 172.71.232.142:14296] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "louisgfazzi.jd-web-designs.com"] [uri "/.git/config"] [unique_id "aicEIVXDbGgUtltlEVHXbgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 16:08:35
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.232.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.232.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 12:08:28.622773 2026] [security2:error] [pid 508:tid 508] [client 172.71.232.142:9799] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tpskc.teleplussolutions.com"] [uri "/.git/config"] [unique_id "aibo_GmM5gxA5F-unGl3YwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
femboy.cat
2026-05-19 13:04:53
(1 month ago)
Port scan to tcp/8080 from 172.71.232.142
Brute-Force
๐ฉ๐ช
acadeova
2026-05-08 07:49:22
(1 month ago)
๐จ Recon detected (nft drop)
SRC=172.71.232.142
Observed=TCP dpt=80 in=enp0s6 ttl=58
Time=recent(jour ...
show more
๐จ Recon detected (nft drop)
SRC=172.71.232.142
Observed=TCP dpt=80 in=enp0s6 ttl=58
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐ซ๐ท
dynamix
2026-04-26 01:28:20
(2 months ago)
Multiple WAF Violations
Web App Attack
๐ซ๐ฎ
oh.mg
2026-04-10 01:02:57
(2 months ago)
[Fri Apr 10 03:02:16.265127 2026] [security2:error] [pid 2285278:tid 2285306] [client 172.71.232.142 ...
show more
[Fri Apr 10 03:02:16.265127 2026] [security2:error] [pid 2285278:tid 2285306] [client 172.71.232.142:12261] [client 172.71.232.142] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "webmail.mrman.net"] [uri "/app/"] [unique_id "adhMGHD7pgmlB1v0YwJ-BQAAARM"]
[Fri Apr 10 03:02:56.832553 2026] [security2:error] [pid 2286628:tid 2286652] [client 172.71.232.142:9739] [client 172.71.232.142] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [ver "OWASP_CRS/4.10.0-dev
...
show less
Web App Attack
Bad Web Bot
Anonymous
2026-03-01 05:52:13
(4 months ago)
[Sun Mar 01 06:51:57.562291 2026] [authz_core:error] [pid 12681] [client 172.71.232.142:12811] AH016 ...
show more
[Sun Mar 01 06:51:57.562291 2026] [authz_core:error] [pid 12681] [client 172.71.232.142:12811] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sun Mar 01 06:52:12.589223 2026] [authz_core:error] [pid 20462] [client 172.71.232.142:12765] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sun Mar 01 06:52:12.610956 2026] [authz_core:error] [pid 20462] [client 172.71.232.142:12765] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack