๐ฎ๐ฑ
Dolphi
2026-07-06 05:30:12
(4 days ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-29 23:59:18
(1 week ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 23:35:54
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 19:35:48.984055 2026] [security2:error] [pid 4299:tid 4299] [client 185.132.187.238:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.rodrigoaldecoa.com"] [uri "/.env"] [unique_id "akMBVEqLRZdaTlmtpnttUwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2026-06-08 00:43:36
(1 month ago)
10 attempts against mh-misc-ban on frost
Web App Attack
๐ซ๐ท
Octopuce
2026-06-05 22:02:46
(1 month ago)
Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.p ...
show more
Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.php /about.php /admin.php /mah.php /.wp/wso. ...
show less
Web App Attack
Anonymous
2026-06-03 20:22:04
(1 month ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 18:52:49
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 14:52:46.430464 2026] [security2:error] [pid 22055:tid 22055] [client 185.132.187.238:37071] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bhsp.org"] [uri "/.git/"] [unique_id "aiB3_jmi_3N05o70x3kCfwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 18:14:50
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 14:14:42.459986 2026] [security2:error] [pid 8412:tid 8426] [client 185.132.187.238:43803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "104ventures.com"] [uri "/.git/config"] [unique_id "aiBvEokicU168QNwcsaNEAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 17:32:51
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 13:32:44.066228 2026] [security2:error] [pid 10958:tid 10958] [client 185.132.187.238:55659] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whitelabelcasinoportal.net"] [uri "/.git/HEAD"] [unique_id "aiBlPP2Q_wLeXOyDaqflmwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-06-03 17:08:02
(1 month ago)
Fail2Ban - [WEB]Exploit attempts (SQLi, RCE, path traversal) on webexploits ... [ice02]
Hacking
SQL Injection
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 16:27:32
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 12:27:29.033270 2026] [security2:error] [pid 31183:tid 31183] [client 185.132.187.238:61195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sovereignstartups.com"] [uri "/.git/HEAD"] [unique_id "aiBV8XbQmshHMAFsw0eaaQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-06-03 16:06:02
(1 month ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa01,wa02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 15:48:20
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 11:48:14.150304 2026] [security2:error] [pid 24977:tid 24977] [client 185.132.187.238:46185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cozydesignae.com"] [uri "/.git/"] [unique_id "aiBMvpVwGIFd6wccFWn4rwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 14:37:58
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 10:37:52.266547 2026] [security2:error] [pid 13128:tid 13128] [client 185.132.187.238:37397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manjitsingh.com"] [uri "/.git/HEAD"] [unique_id "aiA8QJYX8xMSWAJu1AGcLQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 13:41:21
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.132.187.238 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 09:41:14.814751 2026] [security2:error] [pid 21639:tid 21639] [client 185.132.187.238:36043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bordwell.com"] [uri "/.git/config"] [unique_id "aiAu-tKMyv-x227Qzva3CQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack