Anonymous
2026-07-15 20:55:10
(1 hour ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-15 17:00:24
(5 hours ago)
(mod_security) mod_security (id:210350) triggered by 185.117.74.72 (server117475.hostsailor.com): 1 ...
show more
(mod_security) mod_security (id:210350) triggered by 185.117.74.72 (server117475.hostsailor.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 13:00:19.378546 2026] [security2:error] [pid 24414:tid 24414] [client 185.117.74.72:48338] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.mosheimlib.org|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.mosheimlib.org"] [uri "/friends-of-the-mosheim-public-library-application/"] [unique_id "ale8o8NhfbH6JzDVqIX4ZwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
iGroupware
2026-07-15 07:50:50
(14 hours ago)
{"req/ip"=>{:discriminator=>"185.117.74.72", :count=>10, :period=>180, :limit=>500, :epoch_time=>178 ...
show more
{"req/ip"=>{:discriminator=>"185.117.74.72", :count=>10, :period=>180, :limit=>500, :epoch_time=>1784101849}, "signups/ip"=>{:discriminator=>"185.117.74.72", :count=>3, :period=>3600, :limit=>5, :epoch_time=>1784101849}, "signups/email"=>{:discriminator=>"[email protected] ", :count=>3, :period=>86400, :limit=>2, :epoch_time=>1784101849}}
show less
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-14 21:59:33
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-13.
show less
Web App Attack
SSH
Hacking
Anonymous
2026-07-14 17:42:37
(1 day ago)
Detected by CrowdSec: crowdsecurity/http-bad-user-agent
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 01:52:59
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 185.117.74.72 (server117475.hostsailor.com): 1 ...
show more
(mod_security) mod_security (id:210350) triggered by 185.117.74.72 (server117475.hostsailor.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 21:52:55.122198 2026] [security2:error] [pid 15248:tid 15248] [client 185.117.74.72:52766] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||azcrittergetter.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "azcrittergetter.com"] [uri "/contact.html"] [unique_id "alWWd0xBNTKAjU62kA3vzQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 01:07:52
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 185.117.74.72 (server117475.hostsailor.com): 1 ...
show more
(mod_security) mod_security (id:210350) triggered by 185.117.74.72 (server117475.hostsailor.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 21:07:44.728301 2026] [security2:error] [pid 26269:tid 26269] [client 185.117.74.72:39108] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||guldunyayayinlari.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "guldunyayayinlari.com"] [uri "/"] [unique_id "alWL4NIlESKtRVAtrJpvIgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-13 21:59:44
(2 days ago)
Auto-ban: >3000 req/min op 2026-07-13
Web App Attack
SSH
Hacking
Anonymous
2026-07-13 21:27:02
(2 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ฆ๐บ
LiftUp Hosting
2026-07-13 11:46:02
(2 days ago)
Honeypot hit: HTTP/1.1 request on 5443
POST /admin/ajax.php?module=blacklist
User-Agent: MyCustomUs ...
show more
Honeypot hit: HTTP/1.1 request on 5443
POST /admin/ajax.php?module=blacklist
User-Agent: MyCustomUserAgent/1.0
Accept: */*; 5443 [1], 6080 [1], 3443 [1] TCP
show less
Hacking
Bad Web Bot
๐ฎ๐ณ
liveaspankaj
2026-07-13 06:08:04
(2 days ago)
DDoS attack: 110 requests in 5m (GET / or repair.php).
DDoS Attack
๐บ๐ธ
antlac1
2026-07-13 02:40:18
(2 days ago)
LePresidente/http-generic-401-bf
Brute-Force
Web App Attack
๐ฆ๐บ
oncord
2026-07-11 08:32:49
(4 days ago)
Form spam
Web Spam
๐ฉ๐ช
YF
2026-07-10 23:30:11
(4 days ago)
WordPress content enumeration
Web App Attack
๐จ๐ญ
backslash
2026-07-10 10:18:01
(5 days ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot