๐บ๐ธ
Rip
2026-07-03 09:31:51
(9 hours ago)
Restricted File Access Attempts
Port Scan
Web App Attack
๐ฆ๐บ
clapper
2026-07-03 08:59:52
(9 hours ago)
(mod_security) mod_security (id:949110) triggered by 166.88.96.12 (US/United States/-): 5 in the las ...
show more
(mod_security) mod_security (id:949110) triggered by 166.88.96.12 (US/United States/-): 5 in the last 600 secs; ID: rub
show less
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-03 08:52:45
(9 hours ago)
(mod_security) mod_security (id:949110) triggered by 166.88.96.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:949110) triggered by 166.88.96.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:52:39.752550 2026] [security2:error] [pid 9788:tid 9788] [client 166.88.96.12:44518] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "192.64.150.240"] [uri "/.env"] [unique_id "akd4VykjDgu5EQAwR5V_0wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
psauxit
2026-07-03 08:38:54
(9 hours ago)
Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ...
show more
Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping
show less
Web App Attack
Hacking
๐ณ๐ฑ
bazter.pro
2026-07-03 06:09:34
(12 hours ago)
166.88.96.12 - - [03/Jul/2026:06:09:33 +0000] "GET /.env HTTP/1.1" 404 414 "-" "Mozilla/5.0 (Windows ...
show more
166.88.96.12 - - [03/Jul/2026:06:09:33 +0000] "GET /.env HTTP/1.1" 404 414 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36"
...
show less
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
SSH
๐ฎ๐น
clamehost.it
2026-07-03 05:57:48
(12 hours ago)
Automatic report - Brute Force attack using this IP address
Brute-Force
๐น๐ญ
Sawasdee
2026-07-03 05:45:09
(12 hours ago)
Unwanted checking 80 or 443 port
...
Bad Web Bot
๐ฌ๐ง
Axel
2026-07-03 05:39:44
(12 hours ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐ซ๐ท
Entalpi.net
2026-07-03 05:08:52
(13 hours ago)
Repeated requests against sensitive web endpoints
Web App Attack
๐บ๐ธ
Al Coholic
2026-07-03 02:47:25
(15 hours ago)
Detected By Fail2ban
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 02:39:22
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 166.88.96.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 166.88.96.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 22:39:16.637037 2026] [security2:error] [pid 20209:tid 20209] [client 166.88.96.12:53330] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.228"] [uri "/.env"] [unique_id "akcg1EVzZXfvGgl2jPVOggAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 02:03:41
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 166.88.96.12 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 166.88.96.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 22:03:34.833014 2026] [security2:error] [pid 13186:tid 13186] [client 166.88.96.12:43026] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.45"] [uri "/.env"] [unique_id "akcYdqfRTI9SFzeb1O9-zAAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
evilrave
2026-07-03 01:30:38
(17 hours ago)
166.88.96.12 - - [03/Jul/2026:01:30:37 +0000] "GET / HTTP/1.1" 444 0 Host="[REDACTED_IP]" SNI="-"
.. ...
show more
166.88.96.12 - - [03/Jul/2026:01:30:37 +0000] "GET / HTTP/1.1" 444 0 Host="[REDACTED_IP]" SNI="-"
...
show less
Bad Web Bot
๐ฉ๐ช
DEV-DNS
2026-07-03 01:16:38
(17 hours ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection
Anonymous
2026-07-03 01:16:23
(17 hours ago)
166.88.96.12 - - [03/Jul/2026:03:16:23 +0200] "GET /.env HTTP/1.1" 403 519 "-" "Mozilla/5.0 (Windows ...
show more
166.88.96.12 - - [03/Jul/2026:03:16:23 +0200] "GET /.env HTTP/1.1" 403 519 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36"
...
show less
Brute-Force
Web App Attack