๐ฉ๐ช
LRob.fr
2026-06-23 18:15:10
(5 days ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
Anonymous
2026-05-03 15:32:21
(1 month ago)
209.50.180.200 - - [03/May/2026:23:32:21 +0800] "GET /.env HTTP/1.1" 301 236 "-" "Mozilla/5.0 (Linux ...
show more
209.50.180.200 - - [03/May/2026:23:32:21 +0800] "GET /.env HTTP/1.1" 301 236 "-" "Mozilla/5.0 (Linux; Android 9; LLD-AL10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 11:25:46
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 06:25:43.473498 2025] [security2:error] [pid 2644682:tid 2644707] [client 209.50.180.200:56621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettleofgold.com"] [uri "/.env"] [unique_id "aVJlN4bE9pXjh74wbNagpAAAAJU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 09:47:48
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 04:47:43.693967 2025] [security2:error] [pid 13229:tid 13229] [client 209.50.180.200:14825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amatosdrywall.com"] [uri "/.svn/wc.db"] [unique_id "aVJOP2RYkpIPOd3C9f_YywAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 06:30:06
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 01:29:56.665229 2025] [security2:error] [pid 6553:tid 6553] [client 209.50.180.200:23055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "littlepeopledelivery.com"] [uri "/.git/HEAD"] [unique_id "aVIf5O0UJKEZFSZ81Or8nwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 05:37:43
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:37:37.664082 2025] [security2:error] [pid 17816:tid 17816] [client 209.50.180.200:43961] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title49.com"] [uri "/.svn/wc.db"] [unique_id "aVIToU5ljkV_gclaRFksXgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 05:07:19
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:07:13.949734 2025] [security2:error] [pid 12950:tid 12950] [client 209.50.180.200:21389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "misscharlottemusic.com"] [uri "/.svn/wc.db"] [unique_id "aVIMgXjzFcwT3tSzVOvq4gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 04:16:08
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:16:03.938329 2025] [security2:error] [pid 21583:tid 21583] [client 209.50.180.200:13821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cajunfriedturkey.com"] [uri "/.svn/wc.db"] [unique_id "aVIAg79QfiyZBwaKFCR8MAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 03:42:57
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 22:42:53.686255 2025] [security2:error] [pid 26107:tid 26107] [client 209.50.180.200:59445] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "westernweddingnapkins.com"] [uri "/.env"] [unique_id "aVH4vbGSPk3P3Re6GZUaJwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-25 07:18:05
(6 months ago)
(mod_security) mod_security (id:225170) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 209.50.180.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 25 02:18:00.016364 2025] [security2:error] [pid 21952:tid 21952] [client 209.50.180.200:17877] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||magacine.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "magacine.tv"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aUzlKNeHgGpRUfa1C6tupgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2025-12-24 05:45:12
(6 months ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ง๐ท
hostseries
2025-12-24 04:59:26
(6 months ago)
Trigger: LF_DISTATTACK
Brute-Force
Anonymous
2025-12-14 20:38:23
(6 months ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host