Anonymous
2025-12-22 14:08:14
(6 months ago)
apache vulnerability scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-30 16:56:48
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 30 12:56:40.821332 2025] [security2:error] [pid 13827:tid 13827] [client 193.218.118.89:50318] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puckerbikinis.com"] [uri "/.git/config"] [unique_id "aGLByCDhM9ECc4-LKqnaMgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-30 01:23:34
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 29 21:23:26.909024 2025] [security2:error] [pid 2532181:tid 2532195] [client 193.218.118.89:47284] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.callaplusfirst.com"] [uri "/.git/config"] [unique_id "aGHnDkR1EbmI9oQdjTwR1gAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob.fr
2025-06-25 11:00:14
(1 year ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-20 18:43:44
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 20 14:43:38.351612 2025] [security2:error] [pid 2768891:tid 2768891] [client 193.218.118.89:57836] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marshallcurry.com"] [uri "/.git/config"] [unique_id "aFWr2sSmggT0lmCdAxjFKgAAAGM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-19 03:42:58
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 18 23:42:54.146635 2025] [security2:error] [pid 2325725:tid 2325725] [client 193.218.118.89:57202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creationorevolution.net"] [uri "/wp-config.php.save.2"] [unique_id "aFOHPtbdxecbqSO4vSxWaQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Packets-Decreaser.NET
2025-06-18 10:58:09
(1 year ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐ธ๐ช
cheatmaster.store
2025-06-08 23:40:23
(1 year ago)
Blocked on port 52190 (TTL:244, LEN:114, TOS:0x00). Reason: UFW BLOCK IN=eth0 OUT= MAC=00:11:22:33:4 ...
show more
Blocked on port 52190 (TTL:244, LEN:114, TOS:0x00). Reason: UFW BLOCK IN=eth0 OUT= MAC=00:11:22:33:44:55 SRC=193.218.118.89 DST=45.134.39.16 LEN=114 TOS=0x00 PREC=0x00 TTL=244 ID=12345 PROTO=TCP SPT=12345 DPT=52190 WINDOW=65535 RES=0x00 SYN URGP=0. Reported by DigitalLodge Security.
show less
Hacking
Brute-Force
๐ฉ๐ช
LRob.fr
2025-06-08 23:00:06
(1 year ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ต๐ฑ
vexhost.pl
2025-06-08 12:42:03
(1 year ago)
Suspicous activity [srv-R9-1] | 2025-06-08 12:42:03 UTC
Brute-Force
๐ซ๐ฎ
Study Bitcoin ๐ค
2025-06-06 21:34:49
(1 year ago)
SSH Fail2Ban [gda]
Brute-Force
Anonymous
2025-06-06 21:33:46
(1 year ago)
Jun 6 23:33:45 mx1 sshd[4046990]: User root from 193.218.118.89 not allowed because not listed in A ...
show more
Jun 6 23:33:45 mx1 sshd[4046990]: User root from 193.218.118.89 not allowed because not listed in AllowUsers
show less
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-05-29 06:15:52
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 02:15:45.203555 2025] [security2:error] [pid 2690003:tid 2690024] [client 193.218.118.89:39194] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.wakhan-adventure.com"] [uri "/.git/config"] [unique_id "aDf7kRaZjqa5I4FSyd3WKwAAAVM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-05-22 22:51:50
(1 year ago)
ThreatBook Intelligence: tor_proxy,Zombie more details on https://threatbook.io/ip/193.218.118.89
SSH
๐บ๐ธ
TPI-Abuse
2025-05-22 15:42:15
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 193.218.118.89 (89.118.218.193.urdn.com.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 22 11:42:12.069601 2025] [security2:error] [pid 2878670:tid 2878670] [client 193.218.118.89:44630] [client 193.218.118.89] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.slimlaw.com"] [uri "/.git/config"] [unique_id "aC9F1CA1WITdtTlTlsRzbAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack