Anonymous
2026-07-12 12:03:09
(2 days ago)
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ...
show more
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Backup file probing, Cloud secrets probing
show less
Bad Web Bot
Web App Attack
Anonymous
2026-07-11 20:08:50
(3 days ago)
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Co ...
show more
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Country=US; ASN=16276 OVH SAS
show less
Hacking
๐บ๐ธ
IndigoRidge
2026-07-11 19:49:27
(3 days ago)
15.204.66.76 - - [11/Jul/2026:15:49:11 -0400] "GET /.aws/credentials HTTP/1.0" 404 43052 "-" "Mozill ...
show more
15.204.66.76 - - [11/Jul/2026:15:49:11 -0400] "GET /.aws/credentials HTTP/1.0" 404 43052 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.66.76 - - [11/Jul/2026:15:49:24 -0400] "GET /phpinfo.php HTTP/1.0" 404 43052 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.66.76 - - [11/Jul/2026:15:49:25 -0400] "GET /info.php HTTP/1.0" 404 43052 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Web App Attack
Anonymous
2026-07-11 19:09:11
(3 days ago)
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-sensitive-files; Action=ban; Event ...
show more
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-sensitive-files; Action=ban; Events=5; Hosts=incognet.io; Paths=/.env,/.git/HEAD,/.git/config,/.svn/entries,/wp-config.php.bak; Country=US; ASN=16276 OVH SAS
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 19:04:59
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 15.204.66.76 (vps-3c270a6c.vps.ovh.us): 1 in th ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.66.76 (vps-3c270a6c.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 15:04:52.216667 2026] [security2:error] [pid 14542:tid 14542] [client 15.204.66.76:54598] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vsecuritysolutions.com"] [uri "/.env"] [unique_id "alKT1K28wQWngqKAMAPYnwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 18:23:07
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 15.204.66.76 (vps-3c270a6c.vps.ovh.us): 1 in th ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.66.76 (vps-3c270a6c.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 14:23:02.263716 2026] [security2:error] [pid 12999:tid 12999] [client 15.204.66.76:40318] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.com"] [uri "/.env"] [unique_id "alKKBulRSZZ3qERI1PXPwAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-11 18:04:10
(3 days ago)
15.204.66.76 - - [11/Jul/2026:14:04:06 -0400] "GET /actuator HTTP/1.0" 404 4856 "-" "Mozilla/5.0 (Wi ...
show more
15.204.66.76 - - [11/Jul/2026:14:04:06 -0400] "GET /actuator HTTP/1.0" 404 4856 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.66.76 - - [11/Jul/2026:14:04:06 -0400] "GET /actuator/env HTTP/1.0" 404 4856 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.66.76 - - [11/Jul/2026:14:04:07 -0400] "GET /actuator/configprops HTTP/1.0" 404 4856 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.66.76 - - [11/Jul/2026:14:04:07 -0400] "GET /server-status HTTP/1.0" 404 4856 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.66.76 - - [11/Jul/2026:14:04:10 -0400] "GET /.env HTTP/1.0" 404 4856 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Web App Attack
๐ฌ๐ง
venus.launch.bz
2026-07-11 16:23:35
(3 days ago)
(wpscan) WordPress probe detected from 15.204.66.76 (US/United States/vps-3c270a6c.vps.ovh.us)
Hacking
Anonymous
2026-07-11 16:13:45
(3 days ago)
Multiple web server 400 error codes from same source ip
Web App Attack
Anonymous
2026-07-11 16:05:17
(3 days ago)
Blocked: Reason='Vulnerability probing โ PHP scan detected (11/60 min)'; Requests=11
Port Scan
๐จ๐ฆ
Mediashaker
2026-07-11 15:26:10
(3 days ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 15.204.66.76 (US/United ...
show more
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 15.204.66.76 (US/United States/vps-3c270a6c.vps.ovh.us)
show less
Port Scan
๐บ๐ธ
Matthew Ping
2026-07-11 15:15:07
(3 days ago)
ModSecurity rule 949110 triggered on dedicated4785. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-11 14:37:17
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 15.204.66.76 (vps-3c270a6c.vps.ovh.us): 1 in th ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.66.76 (vps-3c270a6c.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 10:37:13.255310 2026] [security2:error] [pid 5013:tid 5040] [client 15.204.66.76:48568] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/.env"] [unique_id "alJVGWZwuDfw69xYTgZPcgAAAFE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-11 14:09:19
(3 days ago)
15.204.66.76 - - [11/Jul/2026:10:09:00 -0400] "GET /wp-content/themes/upcountryhistory/inc/lib/insta ...
show more
15.204.66.76 - - [11/Jul/2026:10:09:00 -0400] "GET /wp-content/themes/upcountryhistory/inc/lib/instagram/lib/fancybox2/source/jquery.fancybox.pack.js.map HTTP/1.0" 404 52129 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.66.76 - - [11/Jul/2026:10:09:01 -0400] "GET /wp-content/themes/upcountryhistory/inc/lib/instagram/lib/videoplayer-4/build/mediaelement-and-player.min.js.map HTTP/1.0" 404 52139 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.66.76 - - [11/Jul/2026:10:09:02 -0400] "GET /wp-content/themes/upcountryhistory/inc/lib/js/html5shiv.min.js.map HTTP/1.0" 404 52094 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.66.76 - - [11/Jul/2026:10:09:03 -0400] "GET /wp-content/themes/upcountryhistory/inc/lib/js/jquery.cycle2.js.map HTTP/1.0" 404 52093 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.66.76 - - [11/Jul/2026:10:09:17 -0400] "GET /wp-content/themes/upcountryhistory/inc/lib/j
...
show less
Web App Attack
๐บ๐ธ
nyt
2026-07-11 14:01:36
(3 days ago)
GraphQL Probe, Empty UA + 404
Web App Attack