๐ซ๐ฎ
decode5921
2026-07-04 22:15:03
(5 hours ago)
Honeypot hit (honeypot:debug) โ probed a non-existent bait path on a site that does not run that sof ...
show more
Honeypot hit (honeypot:debug) โ probed a non-existent bait path on a site that does not run that software.
show less
Brute-Force
Web App Attack
๐จ๐ญ
blinx
2026-07-04 22:09:06
(5 hours ago)
Suspicious activity detected by Modsecurity
Web Spam
Port Scan
Hacking
Bad Web Bot
Web App Attack
๐ฆ๐บ
Block Rockin' Beats
2026-07-04 20:44:03
(6 hours ago)
Scanning for exploitable scripts
Hacking
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-04 19:44:13
(7 hours ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 18:56:10
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 14:56:04.541927 2026] [security2:error] [pid 17234:tid 17240] [client 107.170.60.13:51112] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beckmon.com"] [uri "/.env"] [unique_id "aklXRJ7EEH_QfPRLczTqQQAAAMA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 18:08:03
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 14:07:54.920799 2026] [security2:error] [pid 487:tid 487] [client 107.170.60.13:39922] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beatleloversdream.com"] [uri "/.env"] [unique_id "aklL-opzddSyeWj31x-ACgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 15:03:13
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 11:03:05.627151 2026] [security2:error] [pid 8217:tid 8217] [client 107.170.60.13:40450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "azdar.am"] [uri "/.env"] [unique_id "akkgqS_NjVOVnEe3zF_y8QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Axel
2026-07-04 14:15:53
(13 hours ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐ง๐ท
Halux
2026-07-04 11:50:11
(15 hours ago)
107.170.60.13 Probing protected path or service
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 08:07:49
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 04:07:44.310385 2026] [security2:error] [pid 23447:tid 23447] [client 107.170.60.13:49032] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.merlinaerospace.com"] [uri "/.env"] [unique_id "aki_UJtHmHoqJ38jmUF49QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 06:04:15
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 02:04:10.245193 2026] [security2:error] [pid 18622:tid 18622] [client 107.170.60.13:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.hvacs-aircon.com"] [uri "/.env"] [unique_id "akiiWnFHX9JoeLGmoz8I1QAAAFY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-04 05:25:22
(22 hours ago)
[SatJul0407:25:20.5300492026][security2:error][pid1106758:tid1106821][client107.170.60.13:0]ModSecur ...
show more
[SatJul0407:25:20.5300492026][security2:error][pid1106758:tid1106821][client107.170.60.13:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"autodiscover.gmint.ch\"][uri\"/.env\"][unique_id\"akiZQKgPlhwS0Zm-RN4dWgAAAII\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 04:29:23
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 107.170.60.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:29:15.391749 2026] [security2:error] [pid 19331:tid 19331] [client 107.170.60.13:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.empoweruamerica.org"] [uri "/.env"] [unique_id "akiMG-zy86bRBF1Ms34JIAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Marco711
2026-07-04 00:13:11
(1 day ago)
port/URL scanning
Port Scan
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-03 21:59:13
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-02.
show less
Web App Attack
SSH
Hacking