Anonymous
2026-07-11 20:51:26
(7 hours ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
๐ฉ๐ช
mygcode.de
2026-07-03 23:29:24
(1 week ago)
Scanning for Exploits
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-01 18:37:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 141.101.76.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.76.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 14:37:04.477335 2026] [security2:error] [pid 28415:tid 28415] [client 141.101.76.164:13711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.shirtzz.com"] [uri "/.env.development.local"] [unique_id "akVeUCyY2BDGpBlQK8e-xQAAAAM"], referer: https://www.google.com/search?q=www.shirtzz.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-07-01 09:26:35
(1 week ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 06:03:58
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 141.101.76.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.76.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:03:51.732018 2026] [security2:error] [pid 7819:tid 7819] [client 141.101.76.164:14203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.nationaljar.com"] [uri "/.git/config"] [unique_id "akIKx4GJASUh-hlbqpN9zgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-06-27 15:22:15
(2 weeks ago)
141.101.76.164 - - [27/Jun/2026:18:22:15 +0300] "GET /.env.yaml HTTP/2.0" 404 176 "-" "Mozilla/5.0 ( ...
show more
141.101.76.164 - - [27/Jun/2026:18:22:15 +0300] "GET /.env.yaml HTTP/2.0" 404 176 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Hacking
Web App Attack
Anonymous
2026-06-26 21:35:50
(2 weeks ago)
141.101.76.164 - - [26/Jun/2026:23:35:14 +0200] "GET /config/email_config.php HTTP/1.1" 403 12583 "h ...
show more
141.101.76.164 - - [26/Jun/2026:23:35:14 +0200] "GET /config/email_config.php HTTP/1.1" 403 12583 "https://unistayzm.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
141.101.76.164 - - [26/Jun/2026:23:35:19 +0200] "GET /smtp_settings.php HTTP/1.1" 403 12583 "https://unistayzm.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1 Mobile/15E148 Safari/604.1"
141.101.76.164 - - [26/Jun/2026:23:35:20 +0200] "GET /app/Config/Smtp.php HTTP/1.1" 403 12583 "https://unistayzm.com/" "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0"
141.101.76.164 - - [26/Jun/2026:23:35:28 +0200] "GET /mysite/settings.py HTTP/1.1" 403 12583 "https://unistayzm.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1 Mobile/15E148 Safari/604.1"
141.101.76.164 - - [26/Jun/2026:23:35:29 +0200] "GET /
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 23:28:10
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 141.101.76.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.76.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 19:27:53.976169 2026] [security2:error] [pid 31280:tid 31280] [client 141.101.76.164:13618] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rvtrips.robin5on.com"] [uri "/.env.backup"] [unique_id "ajxn-SpAxAgee1YDbmcz2gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 09:17:21
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 141.101.76.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.76.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 05:17:16.056199 2026] [security2:error] [pid 22281:tid 22281] [client 141.101.76.164:12787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jonathanwilsonphotography.jonathanwilson.me"] [uri "/.env.dist"] [unique_id "ajesHLuNE8szHfcpbaXCLgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-06-09 10:21:59
(1 month ago)
141.101.76.164 - - [09/Jun/2026:13:21:57 +0300] "GET /config/default.json HTTP/2.0" 404 176 "-" "Moz ...
show more
141.101.76.164 - - [09/Jun/2026:13:21:57 +0300] "GET /config/default.json HTTP/2.0" 404 176 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
...
show less
Hacking
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-06-04 02:50:12
(1 month ago)
141.101.76.164 - - [04/Jun/2026:05:50:11 +0300] "GET /.env.production HTTP/1.1" 301 162 "-" "Mozilla ...
show more
141.101.76.164 - - [04/Jun/2026:05:50:11 +0300] "GET /.env.production HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Linux; Android 9; Pixel XL) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36"
...
show less
Hacking
Web App Attack
๐ท๐บ
DZBOT
2026-05-30 18:16:27
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-28 01:53:57
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 141.101.76.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.76.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 21:53:48.473922 2026] [security2:error] [pid 24081:tid 24081] [client 141.101.76.164:14150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "canarysuites.com"] [uri "/.env.save"] [unique_id "ahegLMBWbLsEWTJDswLZRwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-05-19 16:45:25
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฎ๐ฉ
gonet.home
2026-05-17 02:55:15
(1 month ago)
Security Event Detected by SOC Gonet: event=alert, hits=1
Brute-Force