๐ต๐ฑ
nakordoni.eu
2026-06-27 22:00:04
(2 days ago)
Blocked by nakordoni.eu automated security: 404 flood / bad web bot. Jail: nakordoni-404-flood, 30 m ...
show more
Blocked by nakordoni.eu automated security: 404 flood / bad web bot. Jail: nakordoni-404-flood, 30 matches. ISP: TechTies Inc. (NL), Usage: Data Center/Web Hosting/Transit. Prior AbuseIPDB score at ban time: 67/100.
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
BlueWire Hosting
2026-06-27 18:12:52
(2 days ago)
Suspicious HTTP(s) activity without a user agent provided
Bad Web Bot
๐ฉ๐ช
ramazan
2026-06-27 11:59:30
(2 days ago)
Fail2Ban: nginx-4xx | Failures: 13 | Log: /.map /:[ /:[%7B.map /category/genel/.map /category/wazuh/ ...
show more
Fail2Ban: nginx-4xx | Failures: 13 | Log: /.map /:[ /:[%7B.map /category/genel/.map /category/wazuh/.map
show less
Web App Attack
Hacking
Anonymous
2026-06-26 18:29:15
(3 days ago)
Spam registration attempt on forum.
Web Spam
Blog Spam
๐บ๐ธ
wordpresshosting.solutions
2026-06-21 17:58:27
(1 week ago)
Web app vulnerability scanning detected. Evidence: 91.92.40.117 - - [21/Jun/2026:17:58:26 +0000] "GE ...
show more
Web app vulnerability scanning detected. Evidence: 91.92.40.117 - - [21/Jun/2026:17:58:26 +0000] "GET /phpinfo HTTP/1.1" 404 67950 "https://[DOMAIN]/phpinfo" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1"
91.92.40.117 - - [21/Jun/2026:17:58:27 +0000] "GET /_profiler/phpinfo HTTP/1.1" 404 64606 "https://[DOMAIN]/_profiler/phpinfo" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
show less
Web App Attack
๐ซ๐ท
dynamix
2026-06-21 08:11:38
(1 week ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 06:03:08
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 91.92.40.117 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 91.92.40.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 02:03:04.207719 2026] [security2:error] [pid 22568:tid 22568] [client 91.92.40.117:57162] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kln.ne.jp"] [uri "/jehovah/.env"] [unique_id "ajd-mG3ubrfOu4QPOo8mbgAAAAE"], referer: http://xn--ick3d6az397ak06a.net/.env
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
alessio loto
2026-06-17 12:35:45
(1 week ago)
WAF Detection: Empty_UserAgent (Abusive IP). AI Confirmed Attack Payload.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 11:56:33
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 91.92.40.117 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 91.92.40.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 07:56:26.359550 2026] [security2:error] [pid 7625:tid 7743] [client 91.92.40.117:56904] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mwcecommerce.com"] [uri "/.env"] [unique_id "ajKLapPzWDAqfE9qEnZl0wAAAs8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
AGEPCom
2026-06-16 10:17:12
(1 week ago)
Smart-Ban: IP bannie via score AbuseIPDB
Brute-Force
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-06-16 07:53:42
(1 week ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
Anonymous
2026-06-16 02:06:09
(2 weeks ago)
Blocked: Reason='Vulnerability probing โ PHP scan detected (16/60 min)'; Requests=16
Port Scan
๐ฌ๐ง
Mendip_Defender
2026-06-15 23:26:45
(2 weeks ago)
91.92.40.117 - - [16/Jun/2026:00:26:30 +0100] "GET /amenities/ashwick-church-rooms/.map HTTP/1.1" 40 ...
show more
91.92.40.117 - - [16/Jun/2026:00:26:30 +0100] "GET /amenities/ashwick-church-rooms/.map HTTP/1.1" 404 51294 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0"
91.92.40.117 - - [16/Jun/2026:00:26:32 +0100] "GET /amenities/ashwick-oakhill-village-hall/booking-information/.map HTTP/1.1" 404 51294 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0"
91.92.40.117 - - [16/Jun/2026:00:26:39 +0100] "GET /amenities/post-office/.map HTTP/1.1" 404 51294 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
...
show less
Hacking
Web App Attack
Anonymous
2026-06-15 16:01:21
(2 weeks ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-15 10:37:51
(2 weeks ago)
(y3) Failed access -byebye- from 91.92.40.117 (BG/Bulgaria/-): (CF_ENABLE)
Hacking