๐ฌ๐ง
consul.to
2026-07-19 00:02:46
(4 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 23:25:23
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 19:25:16.935754 2026] [security2:error] [pid 1087581:tid 1087581] [client 213.165.45.35:52710] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wheelworks.biz"] [uri "/.env"] [unique_id "alwLXAjE6niRM_39CaO05gAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-18 23:20:08
(5 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฟ๐ฆ
conure
2026-07-18 23:19:36
(5 hours ago)
csagent: score 15.8: secrets grab x2; 2 domain(s) in 1m33s
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 23:09:05
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 19:09:00.153260 2026] [security2:error] [pid 9128:tid 9128] [client 213.165.45.35:53844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vn-hakunabtanaguan.biz"] [uri "/.env"] [unique_id "alwHjBUKzyl0Yyuztgoy-AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 21:04:54
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 17:04:46.749367 2026] [security2:error] [pid 24389:tid 24389] [client 213.165.45.35:51580] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sigi.biz"] [uri "/.env"] [unique_id "alvqblGvWFS2xdXfejV1zgAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
nyt
2026-07-18 19:03:06
(9 hours ago)
Sensitive File Probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 18:51:33
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 14:51:29.175070 2026] [security2:error] [pid 27638:tid 27638] [client 213.165.45.35:57894] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oceanrich.biz"] [uri "/.env"] [unique_id "alvLMciVol4SylI3gMsSXAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 18:29:52
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 14:29:49.449959 2026] [security2:error] [pid 16132:tid 16132] [client 213.165.45.35:55955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "neneh.biz"] [uri "/.env"] [unique_id "alvGHaEmLL9fGWswxA-yhAAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
sajmon0011
2026-07-18 18:10:34
(10 hours ago)
213.165.45.35 - - [18/Jul/2026:20:10:32 +0200] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Macint ...
show more
213.165.45.35 - - [18/Jul/2026:20:10:32 +0200] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 17:53:44
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 13:53:40.165648 2026] [security2:error] [pid 24311:tid 24311] [client 213.165.45.35:56142] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "michaelthompson.biz"] [uri "/.env"] [unique_id "alu9pER0vrHfXlwHG09KWAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 17:34:33
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 13:34:28.760023 2026] [security2:error] [pid 4521:tid 4539] [client 213.165.45.35:61619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marinkovich.biz"] [uri "/.env"] [unique_id "alu5JEFuZu4kxL2M7YqinAAAANA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
chronos
2026-07-18 16:05:24
(12 hours ago)
[AUTORAVALT][[18/07/2026 - 13:05:24 -03:00 UTC]
Attack from [213.165.45.35][stingyivory.ptr.network] ...
show more
[AUTORAVALT][[18/07/2026 - 13:05:24 -03:00 UTC]
Attack from [213.165.45.35][stingyivory.ptr.network]
Action: BLocKed
Hacking... Unauthorized attempts to access the server.
Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other softwar]
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 15:51:36
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 213.165.45.35 (stingyivory.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 11:51:32.874665 2026] [security2:error] [pid 571621:tid 571621] [client 213.165.45.35:56439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "igpcloud.biz"] [uri "/.env"] [unique_id "aluhBNM9ktOoeh8R079lrAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-07-18 15:47:37
(13 hours ago)
Web exploit attempt: 0x%5B%5D=androxgh0st
Web App Attack