πΊπΈ
TPI-Abuse
2026-06-30 21:55:32
(1 minute ago)
(mod_security) mod_security (id:210492) triggered by 185.219.7.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 185.219.7.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:55:27.352384 2026] [security2:error] [pid 7882:tid 7882] [client 185.219.7.65:57936] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "presucad.com"] [uri "/.env.staging"] [unique_id "akQ7T86iS2BW4xUeQb3NUQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
lindi
2026-06-30 21:40:20
(16 minutes ago)
trying to access .env file
...
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 21:20:33
(36 minutes ago)
(mod_security) mod_security (id:210492) triggered by 185.219.7.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 185.219.7.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:20:26.589651 2026] [security2:error] [pid 20348:tid 20348] [client 185.219.7.65:45418] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "desertedge.band"] [uri "/.env"] [unique_id "akQzGrNOr1DiIV-aeu44gQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
bazter.pro
2026-06-30 19:30:11
(2 hours ago)
Fail2Ban: apache-ratelimit - 20 failures
Port Scan
Bad Web Bot
Web App Attack
π¬π§
Oakley
2026-06-30 16:57:39
(4 hours ago)
(confirmed_bot_sig) Confirmed bot
Hacking
πΊπΈ
TPI-Abuse
2026-06-30 12:38:20
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 185.219.7.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 185.219.7.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 08:38:12.777932 2026] [security2:error] [pid 27065:tid 27065] [client 185.219.7.65:44656] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ctrl-p.saltcityprint.com"] [uri "/.env.local"] [unique_id "akO4tAs9fodI8r8YiUzZ7wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
Ba-Yu
2026-06-30 09:10:58
(12 hours ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
π©πͺ
itsolon
2026-06-30 08:52:10
(13 hours ago)
[30/Jun/2026:10:52:09 +0200] 17828095299.998412 185.219.7.65 40378 217.154.7.177 443
[30/Jun/2026:10 ...
show more
[30/Jun/2026:10:52:09 +0200] 17828095299.998412 185.219.7.65 40378 217.154.7.177 443
[30/Jun/2026:10:52:09 +0200] 17828095293.932931 185.219.7.65 40378 217.154.7.177 443
[30/Jun/2026:10:52:10 +0200] 178280953017.862754 185.219.7.65 40378 217.154.7.177 443
[30/Jun/2026:10:52:10 +0200] 178280953049.849668 185.219.7.65 40378 217.154.7.177 443
[30/Jun/2026:10:52:10 +0200] 178280953086.454372 185.219.7.65 40378 217.154.7.177 443
...
show less
Port Scan
Hacking
Brute-Force
Web App Attack
Anonymous
2026-06-30 08:40:44
(13 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 07:31:00
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 185.219.7.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 185.219.7.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:30:57.153564 2026] [security2:error] [pid 29537:tid 29537] [client 185.219.7.65:49724] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "valkyriepanthers.com"] [uri "/temp/.env"] [unique_id "akNwselVmBGDvkAXuDzGGgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 07:11:33
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 185.219.7.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 185.219.7.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:11:25.846702 2026] [security2:error] [pid 31391:tid 31391] [client 185.219.7.65:40234] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "montgomeryhistoricalsociety.org"] [uri "/server/.env"] [unique_id "akNsHZvp0GkXC1swh8FRIAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-06-30 07:10:39
(14 hours ago)
Restricted File Access Attempt. Matched phrase "credentials.json" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
πΊπΈ
mnsf
2026-06-30 07:05:12
(14 hours ago)
Abuse Detected (1)
Brute-Force
Web App Attack
π©πͺ
dbmwebdesign
2026-06-30 05:55:44
(16 hours ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
π¨π
4server
2026-06-30 05:38:22
(16 hours ago)
[TueJun3007:38:16.1850572026][security2:error][pid1964207:tid1964274][client185.219.7.65:0]ModSecuri ...
show more
[TueJun3007:38:16.1850572026][security2:error][pid1964207:tid1964274][client185.219.7.65:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"server-privato.ch\"][uri\"/.docker/config.json\"][unique_id\"akNWSNUNwy28kuTrmJISiwAAAYI\"]
show less
Hacking
Web App Attack