๐ฒ๐ฝ
octageeks.com
2026-07-09 04:08:47
(2 days ago)
Wordpress malicious attack:[octawp]
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-05-29 09:27:35
(1 month ago)
104.23.253.121 - - [29/May/2026:12:27:34 +0300] "GET //web/wp-includes/wlwmanifest.xml HTTP/2.0" 502 ...
show more
104.23.253.121 - - [29/May/2026:12:27:34 +0300] "GET //web/wp-includes/wlwmanifest.xml HTTP/2.0" 502 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
...
show less
Hacking
Web App Attack
๐ฌ๐ง
andypiper
2026-04-27 00:33:15
(2 months ago)
CrowdSec ban for crowdsecurity/netgear-router-bruteforce
Brute-Force
Web App Attack
Anonymous
2026-04-26 01:28:04
(2 months ago)
Fail2ban filtered
...
Web App Attack
Anonymous
2026-04-23 05:14:08
(2 months ago)
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-04-20 22:04:30
(2 months ago)
Auto-ban: >3000 req/min op 2026-04-20
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-04-03 15:32:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 11:32:07.944307 2026] [security2:error] [pid 3709:tid 3709] [client 104.23.253.121:9794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.chadfishman.com"] [uri "/.env.docker"] [unique_id "ac_dd4DBT8wIeawdcMUN3wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-02 12:19:13
(3 months ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-03-30 01:07:20
(3 months ago)
Scanning/Probing (13)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 02:46:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 22:46:22.327340 2026] [security2:error] [pid 3901780:tid 3901780] [client 104.23.253.121:10610] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cherylpelletier.com"] [uri "/.env_backup"] [unique_id "ab4Gfl2-ZtQ25jwoyoBaVgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 08:18:47
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 04:18:38.104142 2026] [security2:error] [pid 27720:tid 27720] [client 104.23.253.121:12327] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.desertvacationvillas.com"] [uri "/api/.env"] [unique_id "ab0C3rlOEwJnkTJlT_8b4AAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 06:48:20
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 02:48:11.919323 2026] [security2:error] [pid 2895:tid 2895] [client 104.23.253.121:12633] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.kewlkarz.com"] [uri "/.env.example"] [unique_id "abztq21wBQXxnKoC9sSLGgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 04:18:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 00:18:33.269809 2026] [security2:error] [pid 3467:tid 3467] [client 104.23.253.121:9811] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.glolady.com"] [uri "/.env.prod"] [unique_id "abzKmR05fo4rNgTH2TruvAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 03:29:54
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 23:29:51.085476 2026] [security2:error] [pid 19345:tid 19345] [client 104.23.253.121:11999] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.vittariahealth.com"] [uri "/.env.save"] [unique_id "aby_L7d20KR6mtv7nRlTLQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 01:57:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 21:57:23.566453 2026] [security2:error] [pid 6190:tid 6190] [client 104.23.253.121:12147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.calebmukinyo.xyz"] [uri "/.env~"] [unique_id "abypgzwXc9QDuYHOBlr78QAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack