๐จ๐ญ
Rene33
2026-06-24 06:32:19
(2 weeks ago)
Phishing attempt impersonating Orange. Malicious URL: https://www.gameofarmsapp.com/oror2/?upq=axdd1 ...
show more
Phishing attempt impersonating Orange. Malicious URL: https://www.gameofarmsapp.com/oror2/?upq=axdd12h7
show less
Hacking
๐บ๐ธ
TPI-Abuse
2025-11-28 11:22:10
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 15.188.49.43 (ec2-15-188-49-43.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 15.188.49.43 (ec2-15-188-49-43.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 06:22:05.740558 2025] [security2:error] [pid 2125:tid 2125] [client 15.188.49.43:50036] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "45northoliveoil.com"] [uri "/.git/config"] [unique_id "aSmF3Qga4A7B4gd2qQn_VwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-27 19:19:19
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 15.188.49.43 (ec2-15-188-49-43.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 15.188.49.43 (ec2-15-188-49-43.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 14:19:12.529834 2025] [security2:error] [pid 18525:tid 18525] [client 15.188.49.43:45456] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pardescommunications.com"] [uri "/.env"] [unique_id "aSikMNzXBygBYCG1f8ezsAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2025-10-19 22:00:40
(8 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-10-18.
show less
Hacking
Web App Attack
SSH
๐บ๐ธ
mnsf
2025-10-19 09:05:07
(8 months ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
๐ฆ๐น
penguin-solutions.at
2025-10-19 08:46:38
(8 months ago)
Excessive 403/404 errors
...
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-19 00:00:32
(8 months ago)
(mod_security) mod_security (id:210492) triggered by 15.188.49.43 (ec2-15-188-49-43.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 15.188.49.43 (ec2-15-188-49-43.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 18 19:59:53.870465 2025] [security2:error] [pid 21286:tid 21286] [client 15.188.49.43:56258] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "travelingguitarfoundation.org"] [uri "/.env"] [unique_id "aPQp-eW9J4uvtpN7T-bglwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-10-18 23:51:31
(8 months ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection
Anonymous
2025-10-18 10:44:33
(8 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_MODSEC
Brute-Force
SSH
๐ง๐ช
cmbplf
2025-10-18 09:21:04
(8 months ago)
180 requests with url.path *.env
132 requests with url.path *phpinfo.php
Brute-Force
Bad Web Bot
๐ช๐ธ
el-brujo
2025-10-18 01:16:06
(8 months ago)
[Sat Oct 18 03:16:06.324164 2025] [proxy_fcgi:error] [pid 2489689:tid 2490799] [client 15.188.49.43: ...
show more
[Sat Oct 18 03:16:06.324164 2025] [proxy_fcgi:error] [pid 2489689:tid 2490799] [client 15.188.49.43:59846] AH01071: Got error 'Primary script unknown'
[Sat Oct 18 03:16:06.386852 2025] [proxy_fcgi:error] [pid 2489690:tid 2490893] [client 15.188.49.43:59862] AH01071: Got error 'Primary script unknown'
...
show less
Hacking
Web App Attack