๐ฎ๐ฉ
soc-yk
2026-07-09 17:54:12
(3 hours ago)
Type: suspicious_network_activity
Risk: 92
Events: 11
Evidence:
- Persistent suspicious network act ...
show more
Type: suspicious_network_activity
Risk: 92
Events: 11
Evidence:
- Persistent suspicious network activity detected
- Repeated hostile operational behavior observed
- Threat escalation behavior observed
show less
Port Scan
Hacking
๐ฎ๐ฉ
Burayot
2026-07-09 17:34:05
(3 hours ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 108.62.160.153 (US/United States/ho ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 108.62.160.153 (US/United States/hosted-by.hostwild.com): 2 in the last 3600 secs
show less
Web App Attack
๐ต๐ฑ
lns.bz
2026-07-09 16:09:12
(4 hours ago)
Web app attack [PL.Lu]
Exploited Host
Web App Attack
Anonymous
2026-07-09 14:05:01
(6 hours ago)
suspicious request in access.log
Web App Attack
๐ฌ๐ง
djboddington
2026-07-09 13:37:48
(7 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch
Web App Attack
๐จ๐ญ
copestack
2026-07-09 10:00:03
(10 hours ago)
Automated detection: HTTP environment file enumeration (.env credential harvesting). 1 decisions on ...
show more
Automated detection: HTTP environment file enumeration (.env credential harvesting). 1 decisions on ov-4e5936.
show less
Web App Attack
Anonymous
2026-07-09 07:44:38
(13 hours ago)
(caddyscan) Scanner path probe from 108.62.160.153 (US/United States/hosted-by.hostwild.com): 5 in t ...
show more
(caddyscan) Scanner path probe from 108.62.160.153 (US/United States/hosted-by.hostwild.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 108.62.160.153 - - [09/Jul/2026:07:44:34 +0000] "GET /.git/HEAD HTTP/1.1"
[REDACTED] 200 2627 108.62.160.153 - - [09/Jul/2026:07:44:34 +0000] "GET /api/.env HTTP/1.1"
[REDACTED] 200 2627 108.62.160.153 - - [09/Jul/2026:07:44:34 +0000] "GET /backend/.env HTTP/1.1"
[REDACTED] 200 2627 108.62.160.153 - - [09/Jul/2026:07:44:34 +0000] "GET /.env.development HTTP/1.1"
[REDACTED] 200 2627 108.62.160.153 - - [09/Jul/2026:07:44:34 +0000] "GET /.env.production HTTP/1.1"
show less
Port Scan
๐ณ๐ฑ
wlt-blocker
2026-07-09 07:41:56
(13 hours ago)
Unauthorized access to webpage admin
Web App Attack
๐ฉ๐ช
ecs.ge
2026-07-09 07:09:18
(13 hours ago)
Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.
Web App Attack
Hacking
๐ฉ๐ช
Blexyel
2026-07-09 06:56:47
(14 hours ago)
108.62.160.153 - - [09/Jul/2026:08:56:46 +0200] "GET /.git/config HTTP/1.1" 404 120 "-" "Mozilla/5.0 ...
show more
108.62.160.153 - - [09/Jul/2026:08:56:46 +0200] "GET /.git/config HTTP/1.1" 404 120 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 06:44:54
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 108.62.160.153 (hosted-by.hostwild.com): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 108.62.160.153 (hosted-by.hostwild.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 02:44:48.523928 2026] [security2:error] [pid 31979:tid 31979] [client 108.62.160.153:33384] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.pleasanthillfarms.com"] [uri "/.git/HEAD"] [unique_id "ak9DYB7qOofTLBK0Op43DQAAAEE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 06:39:40
(14 hours ago)
(caddyscan) Scanner path probe from 108.62.160.153 (US/United States/hosted-by.hostwild.com): 5 in t ...
show more
(caddyscan) Scanner path probe from 108.62.160.153 (US/United States/hosted-by.hostwild.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 108.62.160.153 - - [09/Jul/2026:06:39:36 +0000] "GET /.env.production HTTP/1.1"
[REDACTED] 200 2627 108.62.160.153 - - [09/Jul/2026:06:39:36 +0000] "GET /api/.env HTTP/1.1"
[REDACTED] 200 2627 108.62.160.153 - - [09/Jul/2026:06:39:36 +0000] "GET /.env.development HTTP/1.1"
[REDACTED] 200 2627 108.62.160.153 - - [09/Jul/2026:06:39:36 +0000] "GET /.git/HEAD HTTP/1.1"
[REDACTED] 200 2627 108.62.160.153 - - [09/Jul/2026:06:39:37 +0000] "GET /.git/config HTTP/1.1"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-09 06:19:33
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 108.62.160.153 (hosted-by.hostwild.com): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 108.62.160.153 (hosted-by.hostwild.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 02:19:28.485981 2026] [security2:error] [pid 31024:tid 31024] [client 108.62.160.153:36964] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.phsna.org"] [uri "/.git/HEAD"] [unique_id "ak89cKwqRyOkctwAK-2j6QAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
maxpower
2026-07-09 06:03:59
(14 hours ago)
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 108.62.160.153 (US/United States/hosted- ...
show more
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 108.62.160.153 (US/United States/hosted-by.hostwild.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 108.62.160.153 - - [09/Jul/2026:07:05:06 +0200] "GET /.aws/credentials HTTP/1.1" 200 1244 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" "-" host=mail.insegnesolution.it
108.62.160.153 - - [09/Jul/2026:08:03:57 +0200] "GET /.aws/credentials HTTP/1.1" 404 20549 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" "-" host=mail.olscitaly.com
show less
Port Scan
๐ฌ๐ง
Aetherweb Ark
2026-07-09 05:58:10
(15 hours ago)
(mod_security) mod_security (id:949110) triggered by 108.62.160.153 (US/United States/hosted-by.host ...
show more
(mod_security) mod_security (id:949110) triggered by 108.62.160.153 (US/United States/hosted-by.hostwild.com): N in the last X secs
show less
Web App Attack