Anonymous
2026-07-17 05:00:04
(1 hour ago)
| [Dangerous/China] Aggressive IP 140.246.105.65 (~30 hits). Type: DoS Defender- Web server 400 erro ...
show more
| [Dangerous/China] Aggressive IP 140.246.105.65 (~30 hits). Type: DoS Defender- Web server 400 error code
show less
Web App Attack
Hacking
SQL Injection
๐ซ๐ท
UnixPrime
2026-07-17 04:32:02
(1 hour ago)
140.246.105.65 - - [17/Jul/2026:06:31:57 +0200] "GET /.env.local HTTP/1.1" 404 14040 "-" "Mozilla/5. ...
show more
140.246.105.65 - - [17/Jul/2026:06:31:57 +0200] "GET /.env.local HTTP/1.1" 404 14040 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
140.246.105.65 - - [17/Jul/2026:06:32:01 +0200] "GET /.env.production HTTP/1.1" 404 14031 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
...
show less
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-07-17 04:02:41
(2 hours ago)
(modsecurity) srv104 ModSecurity 140.246.105.65 (CN/China/-): 10 in the last 3600 secs; Ports: *; Di ...
show more
(modsecurity) srv104 ModSecurity 140.246.105.65 (CN/China/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 03:07:53
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.246.105.65 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.246.105.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:07:50.224402 2026] [security2:error] [pid 7867:tid 7867] [client 140.246.105.65:34240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sprek.net.sprektech.com"] [uri "/.env.prod"] [unique_id "almchopz1_fqfNaHDTJRlwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-16 21:59:44
(8 hours ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 20:50:28
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.246.105.65 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.246.105.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:50:25.524440 2026] [security2:error] [pid 13051:tid 13051] [client 140.246.105.65:44657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.resume.martinka.org"] [uri "/.env.save"] [unique_id "allEERt0RkhodHHE6EDMpwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
todix
2026-07-16 20:04:47
(10 hours ago)
Web App Attack Exploid from 140.246.105.65
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:57:55
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.246.105.65 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.246.105.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:57:07.252960 2026] [security2:error] [pid 22776:tid 22776] [client 140.246.105.65:33337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "virginiatouchatruck.com"] [uri "/.env.test"] [unique_id "alkpg4E-z3W2K9g9L8GI7wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:32:53
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 140.246.105.65 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.246.105.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:32:28.893335 2026] [security2:error] [pid 1944:tid 1944] [client 140.246.105.65:38618] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beeswaxnews.com"] [uri "/storage/framework/.env"] [unique_id "alkVrF9FjEFNxrGDjPZBEAAAAEA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 15:02:44
(15 hours ago)
(caddyscan) Scanner path probe from 140.246.105.65 (CN/China/-): 5 in the last 3600 secs; Ports: *; ...
show more
(caddyscan) Scanner path probe from 140.246.105.65 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 140.246.105.65 - - [16/Jul/2026:15:02:39 +0000] "GET /wp-config.php.bak HTTP/1.1"
[REDACTED] 200 2627 140.246.105.65 - - [16/Jul/2026:15:02:40 +0000] "GET /wp-config.php.old HTTP/1.1"
[REDACTED] 200 2627 140.246.105.65 - - [16/Jul/2026:15:02:41 +0000] "GET /wp-config.php.save HTTP/1.1"
[REDACTED] 200 2627 140.246.105.65 - - [16/Jul/2026:15:02:41 +0000] "GET /wp-config.php.txt HTTP/1.1"
[REDACTED] 200 2627 140.246.105.65 - - [16/Jul/2026:15:02:42 +0000] "GET /wp-config.php~ HTTP/1.1"
show less
Port Scan
๐ณ๐ฑ
homeshowdomain.nl
2026-06-26 22:04:19
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
mnsf
2026-06-25 21:30:32
(3 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack