๐ฉ๐ช
FeG Deutschland
2026-07-09 06:43:13
(5 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12
Exploited Host
Web App Attack
๐ท๐บ
DZBOT
2026-07-08 04:40:10
(6 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2026-06-12 16:50:09
(1 month ago)
Probing for known exploit paths (.env, .git, wp-admin, shell files, etc.). Single-strike ban policy ...
show more
Probing for known exploit paths (.env, .git, wp-admin, shell files, etc.). Single-strike ban policy โ zero tolerance for exploit scanning. Banned Jun 12, 16:50 UTC. Origin: United Kingdom, London.
show less
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
WellSpring
2026-05-22 14:38:21
(1 month ago)
wordpress scan on witness.help/wp-admin/install.php โ WellSpr.ing/NetSentinel civic-AI security laye ...
show more
wordpress scan on witness.help/wp-admin/install.php โ WellSpr.ing/NetSentinel civic-AI security layer
show less
Bad Web Bot
Web App Attack
Anonymous
2026-04-23 09:16:14
(2 months ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐ฌ๐ง
consul.to
2026-04-19 11:35:12
(2 months ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-09 01:22:44
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 21:22:39.236758 2026] [security2:error] [pid 2756406:tid 2756406] [client 141.101.98.45:12800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.78cardsofthetarot-tarotmancy-tarot-cards-and-tarot-readings.com"] [uri "/var/www/html/.env"] [unique_id "adb_X3J5_zc6UR7FG_hXGAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 22:54:16
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 18:54:08.055781 2026] [security2:error] [pid 3507678:tid 3507678] [client 141.101.98.45:14284] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.rosetina.com"] [uri "/.env.old"] [unique_id "adbckAHIdcH0i1Mj-tXKGwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 08:50:01
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 04:49:55.110485 2026] [security2:error] [pid 2089788:tid 2089788] [client 141.101.98.45:9897] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.gunningphysio.com"] [uri "/config/.env"] [unique_id "adYWswVA2xMWwZrXRTaRBgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 07:48:53
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 03:48:46.490729 2026] [security2:error] [pid 2825206:tid 2825206] [client 141.101.98.45:12506] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.jhonbens.com"] [uri "/config/.env"] [unique_id "adYIXk0vGxUjR1WxVVAPewAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 07:19:58
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 03:19:50.780142 2026] [security2:error] [pid 2925551:tid 2925551] [client 141.101.98.45:13031] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trclegacyholdings.org.ryanc.net"] [uri "/.env.local"] [unique_id "adYBliC9WuJphYhC0qImmQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 04:14:34
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 00:14:25.270986 2026] [security2:error] [pid 1737474:tid 1737488] [client 141.101.98.45:11060] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.oceanstatecollision.com"] [uri "/.env1"] [unique_id "adXWIapI4Nmg0tNDgXBauQAAAIw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 00:17:45
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 20:17:42.159963 2026] [security2:error] [pid 1941465:tid 1941465] [client 141.101.98.45:12532] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kraftrentals.com"] [uri "/.env.dist"] [unique_id "adWepgnIRJHNHStvByaZEAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 23:30:34
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 19:30:23.782072 2026] [security2:error] [pid 2208615:tid 2208615] [client 141.101.98.45:10929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.deindo.com"] [uri "/.env.production"] [unique_id "adWTj8Ww3yuz27AiEQiRuwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 21:22:56
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 17:22:45.818160 2026] [security2:error] [pid 1981843:tid 1981843] [client 141.101.98.45:13856] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.mapleleaf-marketing.com"] [uri "/.env.test"] [unique_id "adV1pfeCpDX9Nh7K4Hkc3gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack