π«π·
masterguru
2026-07-01 02:36:41
(6 minutes ago)
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ...
show more
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-201)
show less
Hacking
πΊπΈ
www.winos.me
2026-07-01 01:50:43
(52 minutes ago)
Automatically banned due to exceeding error status code threshold.
Brute-Force
Web App Attack
π©πͺ
maxpower
2026-07-01 01:47:23
(55 minutes ago)
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 157.230.133.16 (US/United States/-): 2 i ...
show more
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 157.230.133.16 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 157.230.133.16 - - [01/Jul/2026:03:47:10 +0200] "GET /secrets.json HTTP/1.1" 404 1142 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)" "-" host=www.ticket.checkall.cloud
157.230.133.16 - - [01/Jul/2026:03:47:17 +0200] "GET /config/secrets.yml HTTP/1.1" 404 1142 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)" "-" host=www.ticket.checkall.cloud
show less
Port Scan
π©πͺ
ger-stg-sifi1
2026-06-30 23:42:41
(3 hours ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
π©πͺ
wpadm4
2026-06-30 22:05:38
(4 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-06-30 22:04:01
(4 hours ago)
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ...
show more
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Backup file probing, Cloud secrets probing
show less
Bad Web Bot
Web App Attack
π©πͺ
todix
2026-06-30 21:55:27
(4 hours ago)
Web App Attack Exploid from 157.230.133.16
Web App Attack
π³π±
Site.eu
2026-06-30 21:41:52
(5 hours ago)
Excessive multi-domain requests
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-30 21:41:50
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.230.133.16 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.230.133.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:41:47.062317 2026] [security2:error] [pid 32496:tid 32521] [client 157.230.133.16:43232] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mouawadarchitects.com"] [uri "/.env.bak"] [unique_id "akQ4G2wjSOzXXviojwyBowAAAJc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 21:15:40
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 157.230.133.16 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 157.230.133.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:15:34.531461 2026] [security2:error] [pid 31417:tid 31417] [client 157.230.133.16:45758] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "claireashton.com"] [uri "/.env.save"] [unique_id "akQx9vENBmtCz90oDjMbuwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³πΏ
Tripwire
2026-06-30 21:15:15
(5 hours ago)
Scanning for exploits - /.env.bak
Web App Attack
π©πͺ
big-cloud.nl
2026-06-30 20:07:06
(6 hours ago)
Try to access /.env
Web App Attack
π©πͺ
Viveronese
2026-06-30 19:10:26
(7 hours ago)
HTTP vulnerability scanning
Web App Attack
π΅π±
lns.bz
2026-06-30 18:51:22
(7 hours ago)
Web app attack [PL.Lu]
Exploited Host
Web App Attack
Anonymous
2026-06-30 17:43:07
(8 hours ago)
(mod_security) mod_security triggered on hostname [redacted] 157.230.133.16 (US/United States/-)
SQL Injection