Anonymous
2026-07-15 04:38:29
(2 days ago)
Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, li ...
show more
Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 04:04:19
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2.27.49.47 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.49.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 00:04:15.154043 2026] [security2:error] [pid 32707:tid 32707] [client 2.27.49.47:55950] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.241"] [uri "/.env"] [unique_id "alcGv3reLtSf0iD79I9T6AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 03:20:22
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2.27.49.47 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.49.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 23:20:15.561219 2026] [security2:error] [pid 26560:tid 26560] [client 2.27.49.47:50891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.184"] [uri "/.env"] [unique_id "alb8b_2qh6uKQ1GOqKWXjQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
jcbriar
2026-07-15 03:19:58
(2 days ago)
Searching for vulnerable scripts
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 02:35:30
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2.27.49.47 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.49.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 22:35:22.805447 2026] [security2:error] [pid 14627:tid 14627] [client 2.27.49.47:59782] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.75"] [uri "/.env"] [unique_id "albx6gTTSCcfQCMo5EVLWgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-07-15 01:46:43
(2 days ago)
Web exploit attempt: 0x%5B%5D=androxgh0st
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 01:00:47
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2.27.49.47 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.49.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 21:00:40.865756 2026] [security2:error] [pid 27620:tid 27620] [client 2.27.49.47:65027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.170"] [uri "/.env"] [unique_id "albbuNBkq6xD33mc-fiQDwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Teufel100
2026-07-15 00:47:49
(2 days ago)
ModSecurity rejected a query
Brute-Force
Hacking
Web App Attack
๐บ๐ธ
Starburst SysOp Team
2026-07-15 00:26:54
(2 days ago)
Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-4)
Hacking
Bad Web Bot
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-15 00:07:02
(2 days ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa01,wa02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-07-14 23:13:52
(2 days ago)
AutoBlock: ๐ฏ Vulnerability Scanner (Non Decay-Based)
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-14 22:58:14
(2 days ago)
Try to access /.env
Web App Attack
Anonymous
2026-07-14 22:31:59
(2 days ago)
2.27.49.47 - - [15/Jul/2026:00:31:58 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; Linu ...
show more
2.27.49.47 - - [15/Jul/2026:00:31:58 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 21:55:07
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2.27.49.47 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.49.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 17:55:01.980417 2026] [security2:error] [pid 599:tid 599] [client 2.27.49.47:63305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.19"] [uri "/.env"] [unique_id "alawNTtnidPKCAJA6R_n9AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฟ๐ฆ
conure
2026-07-14 21:35:19
(2 days ago)
csagent: score 20.2: secrets grab x2, 404 noise floor x1; 1 domain(s) in 0s
Web App Attack