๐ง๐ฌ
Stoyko Stoykov
2026-07-04 04:12:52
(2 days ago)
141.101.98.61 - - [04/Jul/2026:07:12:52 +0300] "GET /1index.php HTTP/1.1" 301 162 "-" "-"
...
Hacking
Web App Attack
Anonymous
2026-07-02 16:50:28
(4 days ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-07-02 13:26:06
(4 days ago)
141.101.98.61 - - [02/Jul/2026:16:26:06 +0300] "GET /wp-includes/ID3/about.php HTTP/2.0" 404 1852 "- ...
show more
141.101.98.61 - - [02/Jul/2026:16:26:06 +0300] "GET /wp-includes/ID3/about.php HTTP/2.0" 404 1852 "-" "-"
...
show less
Hacking
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-06-30 01:53:48
(1 week ago)
141.101.98.61 - - [30/Jun/2026:04:53:47 +0300] "GET /index.php/apps/app_api/proxy/flow/api/w/nextclo ...
show more
141.101.98.61 - - [30/Jun/2026:04:53:47 +0300] "GET /index.php/apps/app_api/proxy/flow/api/w/nextcloud/jobs_u/get_log_file/..%25252f..%25252f..%25252f..%25252f..%25252f..%25252fetc%25252fpasswd HTTP/2.0" 499 0 "-" "Mozilla/5.0 (l9scan/2.0.33e27393e2431313e2838313; +https://leakix.net)"
...
show less
Hacking
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-27 04:22:34
(1 week ago)
Wordpress malicious attack:[octawp]
Web App Attack
๐ท๐บ
DZBOT
2026-05-23 20:14:50
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-09 01:07:14
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 21:07:07.264666 2026] [security2:error] [pid 3004613:tid 3004613] [client 141.101.98.61:11133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.menafert.com"] [uri "/.env_backup"] [unique_id "adb7uxQ3GGeAvYqjVcvl2QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 23:39:00
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 19:38:52.422963 2026] [security2:error] [pid 3545409:tid 3545409] [client 141.101.98.61:14016] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.integritysecurity.net"] [uri "/.env.save"] [unique_id "adbnDK2qB-aivDbgAHTDIwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 23:14:22
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 19:14:15.265062 2026] [security2:error] [pid 3397615:tid 3397615] [client 141.101.98.61:10270] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.emailautomationworkflow.com"] [uri "/.env.dev"] [unique_id "adbhR2EeUDaPbVxGO9ZMeQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 17:18:10
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 13:18:02.523373 2026] [security2:error] [pid 1291552:tid 1291552] [client 141.101.98.61:11719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.rcjav.com"] [uri "/.env.old"] [unique_id "adaNyog14rcA0IS5s31GhAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-04-08 12:18:26
(2 months ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 03:30:08
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 23:29:54.536698 2026] [security2:error] [pid 1866750:tid 1866750] [client 141.101.98.61:13538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.artandthebible.com"] [uri "/var/www/html/.env"] [unique_id "adXLsgIRLRp2DL1ppo02NAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 14:42:40
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 10:42:36.277070 2026] [security2:error] [pid 1993515:tid 1993525] [client 141.101.98.61:9661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rightnews.aafm.us"] [uri "/.env.json"] [unique_id "adUX3GWuws0ZBYHi-7taRgAAAEY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 06:32:28
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 02:32:20.038824 2026] [security2:error] [pid 799385:tid 799385] [client 141.101.98.61:10093] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.wholesaleglassjars.com"] [uri "/.envrc"] [unique_id "adSk9PAnpjY7aGr2OpTcnAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 05:56:46
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 01:56:37.072795 2026] [security2:error] [pid 797308:tid 797308] [client 141.101.98.61:13505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.homeschoolwv.com"] [uri "/.env.dist"] [unique_id "adSclb-oQ4aWOjbd38CoPgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack