๐ฉ๐ช
pltcldvlpr
2026-07-08 05:40:36
(2 hours ago)
CMS/framework probe: 2a01:4f8:1c19:a57f::1 - - [08/Jul/2026:07:40:35 +0200] "HEAD /.git/config HTTP/ ...
show more
CMS/framework probe: 2a01:4f8:1c19:a57f::1 - - [08/Jul/2026:07:40:35 +0200] "HEAD /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:137.0) Gecko/20100101 Firefox/137.0" asn=24940 org="Hetzner Online GmbH" country=DE
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 04:03:58
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 00:03:54.576413 2026] [security2:error] [pid 11204:tid 11204] [client 2a01:4f8:1c19:a57f::1:53318] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.k-h-w.com"] [uri "/wp-config.php.bak"] [unique_id "ak3MKum0TcNdCLQHXazXAgAAABk"], referer: https://www.google.com/search?q=cpcalendars.k-h-w.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-07-08 03:28:02
(4 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ipoac.nl
2026-07-07 15:44:10
(16 hours ago)
-:443 2a01:4f8:1c19:a57f::1 - - [07/Jul/2026:17:44:09 +0200] - "HEAD /.git/HEAD HTTP/1.1" 403 4932 " ...
show more
-:443 2a01:4f8:1c19:a57f::1 - - [07/Jul/2026:17:44:09 +0200] - "HEAD /.git/HEAD HTTP/1.1" 403 4932 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ChatGPT-User/1.0; +https://openai.com/bot)"
show less
Bad Web Bot
๐ต๐ฑ
Niko's Stuff
2026-07-07 14:16:56
(17 hours ago)
Triggered crowdsecurity/http-sensitive-files. More information at: https://app.crowdsec.net/cti/2a01 ...
show more
Triggered crowdsecurity/http-sensitive-files. More information at: https://app.crowdsec.net/cti/2a01:4f8:1c19:a57f::1
show less
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-07 13:42:50
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 09:42:46.604781 2026] [security2:error] [pid 564:tid 564] [client 2a01:4f8:1c19:a57f::1:8776] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.straypointers.com"] [uri "/.env.production"] [unique_id "ak0CVlvOXoeSaUOlSyRsAAAAAA0"], referer: https://www.google.com/search?q=www.straypointers.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 12:38:00
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 08:37:55.760457 2026] [security2:error] [pid 3878:tid 3878] [client 2a01:4f8:1c19:a57f::1:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswithcamerasmovie.com"] [uri "/.env"] [unique_id "akzzIxry_pWZ9CV5IR4EpwAAAAY"], referer: https://www.google.com/search?q=kidswithcamerasmovie.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 02:33:35
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 22:33:28.713562 2026] [security2:error] [pid 15868:tid 15868] [client 2a01:4f8:1c19:a57f::1:29516] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pnalegacypartners.com"] [uri "/.env"] [unique_id "aksT-PUj26EyqvPEjgkVkwAAAAI"], referer: https://www.google.com/search?q=pnalegacypartners.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 01:40:52
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 21:40:47.387231 2026] [security2:error] [pid 22097:tid 22097] [client 2a01:4f8:1c19:a57f::1:15072] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.dcmillerjr.com"] [uri "/wp-config.php.bak"] [unique_id "aksHn2SRaV-dlX4Jg179BQAAABM"], referer: https://www.google.com/search?q=autodiscover.dcmillerjr.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-05 21:59:05
(2 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-04.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-05 20:27:38
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 16:27:30.876711 2026] [security2:error] [pid 30256:tid 30263] [client 2a01:4f8:1c19:a57f::1:7706] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lavotel.com.oplconnect.com"] [uri "/.git/config"] [unique_id "akq-MlXVpugFw6SFcb7rBQAAAAE"], referer: https://www.google.com/search?q=www.lavotel.com.oplconnect.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
filstal.org
2026-07-05 17:58:23
(2 days ago)
Web reconnaissance detected: automated probing for sensitive files, backup archives, admin panels an ...
show more
Web reconnaissance detected: automated probing for sensitive files, backup archives, admin panels and known vulnerability paths.
show less
Hacking
Brute-Force
Web App Attack
๐ฉ๐ช
Blexyel
2026-07-05 15:10:35
(2 days ago)
2a01:4f8:1c19:a57f::1 - - [05/Jul/2026:17:10:34 +0200] "HEAD /.git/config HTTP/1.1" 404 0 "https://w ...
show more
2a01:4f8:1c19:a57f::1 - - [05/Jul/2026:17:10:34 +0200] "HEAD /.git/config HTTP/1.1" 404 0 "https://www.google.com/search?q=autodiscover.blexyel.wtf" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ChatGPT-User/1.0; +https://openai.com/bot)"
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
4server
2026-07-05 14:39:31
(2 days ago)
[SunJul0516:39:27.4030132026][security2:error][pid2943912:tid2943942][client2a01:4f8:1c19:a57f::1:0] ...
show more
[SunJul0516:39:27.4030132026][security2:error][pid2943912:tid2943942][client2a01:4f8:1c19:a57f::1:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"autodiscover.atelier-lara.ch\"][uri\"/.env.production.local\"][unique_id\"akpsn0l6fHKY-g8Riv0s6wAAABI\"]\,referer:https://www.google.com/search\?q=autodiscover.atelier-lara.ch
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 13:40:43
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a01:4f8:1c19:a57f::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 09:40:35.797472 2026] [security2:error] [pid 24336:tid 24336] [client 2a01:4f8:1c19:a57f::1:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.365soft.top"] [uri "/.env.local"] [unique_id "akpe0wIAbgRG-rMmLRBltAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack