๐ซ๐ท
dynamix
2026-06-26 17:45:32
(1 week ago)
Multiple WAF Violations
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-06-26 09:59:50
(1 week ago)
172.71.95.37 - - [26/Jun/2026:12:59:45 +0300] "GET /app/.git/config HTTP/1.1" 301 162 "-" "Mozilla/5 ...
show more
172.71.95.37 - - [26/Jun/2026:12:59:45 +0300] "GET /app/.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
...
show less
Hacking
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-21 22:01:18
(1 week ago)
Auto-ban: >3000 req/min op 2026-06-21
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-21 07:11:56
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 172.71.95.37 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.95.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 03:11:47.427597 2026] [security2:error] [pid 23536:tid 23568] [client 172.71.95.37:13228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gideonoakes.omegaoak.com"] [uri "/.env"] [unique_id "ajeOsze0DJD_5o3l5vc6jgAAARA"], referer: https://www.google.com/search?q=www.gideonoakes.omegaoak.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-19 18:27:04
(2 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2026-06-17 06:39:53
(2 weeks ago)
172.71.95.37 - - [17/Jun/2026:08:39:52 +0200] "GET //2018/wp-includes/wlwmanifest.xml HTTP/1.1" 404 ...
show more
172.71.95.37 - - [17/Jun/2026:08:39:52 +0200] "GET //2018/wp-includes/wlwmanifest.xml HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
172.71.95.37 - - [17/Jun/2026:08:39:52 +0200] "GET //2018/wp-includes/wlwmanifest.xml HTTP/1.1" 404 246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
172.71.95.37 - - [17/Jun/2026:08:39:52 +0200] "GET //2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
172.71.95.37 - - [17/Jun/2026:08:39:52 +0200] "GET //2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
172.71.95.37 - - [17/Jun/2026:08:39:52 +0200] "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1"
...
show less
Brute-Force
Web App Attack
Anonymous
2026-06-16 03:51:48
(2 weeks ago)
172.71.95.37 - - [16/Jun/2026:05:51:47 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 ...
show more
172.71.95.37 - - [16/Jun/2026:05:51:47 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
172.71.95.37 - - [16/Jun/2026:05:51:47 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
172.71.95.37 - - [16/Jun/2026:05:51:47 +0200] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
172.71.95.37 - - [16/Jun/2026:05:51:47 +0200] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 246 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
172.71.95.37 - - [16/Jun/2026:05:51:47 +0200] "GET //wp/wp-includes/wlwmanifest.xml HT
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
netclix.gr
2026-06-15 04:40:33
(2 weeks ago)
(security_scan) Sensitive File Scan Blocked 172.71.95.37 (-): 1 in the last 4600 secs; Ports: *; Dir ...
show more
(security_scan) Sensitive File Scan Blocked 172.71.95.37 (-): 1 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 172.71.95.37 - - [15/Jun/2026:07:40:13 +0300] "GET /.env HTTP/2.0" 404 532 "-" "Mozilla/5.0 (l9scan/2.0.0353e2437313e27363e2237313; +https://leakix.net)" "142.93.143.8"'/error_docs/404.html' '' '/opt/psa/admin/htdocs'
show less
Port Scan
๐บ๐ธ
mnsf
2026-06-12 16:05:26
(3 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-06-12 04:51:16
(3 weeks ago)
172.71.95.37 - - [12/Jun/2026:07:51:15 +0300] "GET /.git/config HTTP/2.0" 404 134 "http://matrix.it- ...
show more
172.71.95.37 - - [12/Jun/2026:07:51:15 +0300] "GET /.git/config HTTP/2.0" 404 134 "http://matrix.it-systems.org/.git/config" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:133.0) Gecko/20100101 Firefox/133.0"
...
show less
Hacking
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-06-09 20:45:25
(3 weeks ago)
172.71.95.37 - - [09/Jun/2026:23:45:24 +0300] "GET //wp-includes/wlwmanifest.xml HTTP/2.0" 404 134 " ...
show more
172.71.95.37 - - [09/Jun/2026:23:45:24 +0300] "GET //wp-includes/wlwmanifest.xml HTTP/2.0" 404 134 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
...
show less
Hacking
Web App Attack
๐ฏ๐ต
S.O.B.A. Dev.
2026-06-09 15:29:18
(3 weeks ago)
Persistent port scanning or vulnerability scanning
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-08 22:44:53
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.95.37 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.95.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 18:44:49.071020 2026] [security2:error] [pid 7830:tid 7842] [client 172.71.95.37:10025] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rmoeis.wwwhst.com"] [uri "/.git/config"] [unique_id "aidF4SjXFJLl-V3iDnK5UgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-06-03 05:11:37
(1 month ago)
172.71.95.37 - - [03/Jun/2026:08:11:36 +0300] "GET /.env HTTP/2.0" 404 134 "-" "Mozilla/5.0 (Macinto ...
show more
172.71.95.37 - - [03/Jun/2026:08:11:36 +0300] "GET /.env HTTP/2.0" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0"
...
show less
Hacking
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-29 22:07:21
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-28.
show less
Web App Attack
SSH
Hacking