๐ฉ๐ช
FeG Deutschland
2026-07-16 17:32:15
(14 minutes ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:30:10
(16 minutes ago)
(mod_security) mod_security (id:210492) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:29:37.881175 2026] [security2:error] [pid 5406:tid 5406] [client 144.22.42.243:47390] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flutetroupeofyakima.org"] [uri "/.env.development.local"] [unique_id "alkVAXVXBsjpueiaCW6W7gAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:06:54
(39 minutes ago)
(mod_security) mod_security (id:210730) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:05:35.236062 2026] [security2:error] [pid 26711:tid 26711] [client 144.22.42.243:46796] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||daviddobkin.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "daviddobkin.com"] [uri "/root/.config/gcloud/credentials.db"] [unique_id "alkPX6QYWpX_tUZewBhzTgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:50:27
(56 minutes ago)
(mod_security) mod_security (id:210492) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:50:17.748054 2026] [security2:error] [pid 10106:tid 10106] [client 144.22.42.243:53278] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jcrluthier.com"] [uri "/.env.tmp"] [unique_id "alkLyXGO_BkFYGhko6h9TgAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:03:24
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:03:16.878513 2026] [security2:error] [pid 30092:tid 30092] [client 144.22.42.243:57592] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "innolympics.com"] [uri "/.env.save"] [unique_id "alkAxLD3mUuWIUbNGdLAegAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:41:07
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:39:17.094144 2026] [security2:error] [pid 23066:tid 23066] [client 144.22.42.243:40422] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qualuedata.com"] [uri "/.env.staging"] [unique_id "alj7JVTraUljHlU6gmgwLgAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:19:23
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 144.22.42.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:19:15.920083 2026] [security2:error] [pid 18811:tid 18811] [client 144.22.42.243:55426] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stradcompetition.finestringinstruments.com"] [uri "/backup/.env"] [unique_id "alj2c0h3RiFEqeH1i5wXWAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
Aleigo Abuse
2026-07-06 10:18:06
(1 week ago)
SIP auth challenge (INVITE) fraud attempt detected.
Web App Attack
Brute-Force
Fraud VoIP
Hacking
๐ฌ๐ง
Oakley
2026-06-29 00:11:22
(2 weeks ago)
(confirmed_bot_sig) Confirmed bot
Hacking
Anonymous
2026-06-28 13:07:06
(2 weeks ago)
Automated web scanner. Requested suspicious paths: /.env.example. UTC: 2026-06-28 12:17:47.
Web App Attack
Anonymous
2026-06-27 04:15:01
(2 weeks ago)
suspicious request in access.log
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-26 22:12:42
(2 weeks ago)
Try to access /.env
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-26 22:02:40
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
mnsf
2026-06-26 15:06:38
(2 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-25 22:04:17
(2 weeks ago)
Auto-ban: >3000 req/min op 2026-06-25
Web App Attack
SSH
Hacking