๐บ๐ธ
ANTI SCANNER
2026-07-17 23:36:40
(1 hour ago)
Scanner : /.env.local
Web Spam
๐ซ๐ท
dynamix
2026-07-17 19:36:09
(5 hours ago)
Multiple WAF Violations
Web App Attack
Anonymous
2026-07-17 00:05:11
(1 day ago)
Blocked: Reason='Suspicious traffic score=80 (review-based detection)'; Requests=328
Hacking
Anonymous
2026-07-16 18:27:42
(1 day ago)
176.65.144.123 - - [16/Jul/2026:18:27:42 +0000] "GET /.env HTTP/1.1" 404 3899 "https://amo.rocks/.en ...
show more
176.65.144.123 - - [16/Jul/2026:18:27:42 +0000] "GET /.env HTTP/1.1" 404 3899 "https://amo.rocks/.env" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐ง๐ช
taivas.nl
2026-07-15 22:32:12
(2 days ago)
Site scraper
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 10:26:55
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 176.65.144.123 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 176.65.144.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 06:26:49.206885 2026] [security2:error] [pid 336634:tid 336634] [client 176.65.144.123:50204] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alltrashremoval.com"] [uri "/.env"] [unique_id "aldgaaZw-iglyl0MIIHg1wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 19:57:22
(3 days ago)
176.65.144.123 - - [14/Jul/2026:19:57:22 +0000] "GET /.env HTTP/1.1" 404 2769 "-" "Mozilla/5.0 (Linu ...
show more
176.65.144.123 - - [14/Jul/2026:19:57:22 +0000] "GET /.env HTTP/1.1" 404 2769 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Mobile Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 01:52:06
(3 days ago)
(mod_security) mod_security (id:949110) triggered by 176.65.144.123 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 176.65.144.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 21:51:59.571077 2026] [security2:error] [pid 14199:tid 14199] [client 176.65.144.123:47086] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "akistech.com"] [uri "/.env"] [unique_id "alWWPx-Q1jhSioVCUP0h-gAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
IRISIO
2026-07-13 07:57:27
(4 days ago)
scans/SQL injection/spam posts : 27 queries
Web App Attack
SQL Injection
๐ฉ๐ช
LRob
2026-07-13 02:38:55
(4 days ago)
CrowdSec: crowdsecurity/http-sensitive-files | req: ["/.env","/.env.local","/.env~","/.env.developme ...
show more
CrowdSec: crowdsecurity/http-sensitive-files | req: ["/.env","/.env.local","/.env~","/.env.development","/.env.staging"] | UA: ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"]
show less
Hacking
๐ซ๐ท
โจ
2026-07-13 02:03:12
(4 days ago)
Domain : agmp.co.uk
Rule : hack
2026-07-13 02:01:45 ***hidden-privacy*** GET /web.config.bak - 443 - ...
show more
Domain : agmp.co.uk
Rule : hack
2026-07-13 02:01:45 ***hidden-privacy*** GET /web.config.bak - 443 - 176.65.144.123 HTTP/2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 - agmp.co.uk 404 0 0 64457 675 502 - -
show less
Hacking
SQL Injection
Brute-Force
๐บ๐ธ
agenciahypelab.com.br
2026-07-12 22:40:22
(5 days ago)
WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-12 09:52:10
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 176.65.144.123 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 176.65.144.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 05:52:07.201526 2026] [security2:error] [pid 4406:tid 4406] [client 176.65.144.123:39188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aeomis.com"] [uri "/.env"] [unique_id "alNjx-AzqKy0oFY0Tz1xuAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 07:26:36
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 176.65.144.123 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 176.65.144.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 03:26:29.311809 2026] [security2:error] [pid 29418:tid 29418] [client 176.65.144.123:53338] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "acquivest.net"] [uri "/.env"] [unique_id "alHwJQxSwxCoEZMwS6Ft2AAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 07:03:04
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 176.65.144.123 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 176.65.144.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 03:02:56.439552 2026] [security2:error] [pid 6289:tid 6289] [client 176.65.144.123:59372] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "acpb.net"] [uri "/.env"] [unique_id "alHqoH7-5Y0BthCuxt58-gAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack