Anonymous
2026-07-17 02:06:04
(18 hours ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=77
Hacking
๐ฉ๐ช
ger-stg-sifi1
2026-07-17 01:34:17
(19 hours ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ซ๐ท
dynamix
2026-07-17 00:41:42
(19 hours ago)
Multiple WAF Violations
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-17 00:23:15
(20 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-16 23:52:43
(20 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ณ๐ฑ
thedreamer.nl
2026-07-16 23:36:25
(21 hours ago)
3.78.2.174 - - [17/Jul/2026:01:35:42 +0200] "GET /.env.test HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Wind ...
show more
3.78.2.174 - - [17/Jul/2026:01:35:42 +0200] "GET /.env.test HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "DE" "Frankfurt am Main" "50.11690" "8.68370"
3.78.2.174 - - [17/Jul/2026:01:35:56 +0200] "GET /.env.local HTTP/1.1" 302 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "DE" "Frankfurt am Main" "50.11690" "8.68370"
3.78.2.174 - - [17/Jul/2026:01:35:56 +0200] "GET /.env.production HTTP/1.1" 302 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "DE" "Frankfurt am Main" "50.11690" "8.68370"
3.78.2.174 - - [17/Jul/2026:01:35:56 +0200] "GET /.env.development HTTP/1.1" 302 5 "-" "Moz
...
show less
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-16 22:05:13
(22 hours ago)
Restricted File Access Attempt. Matched phrase "credentials.json" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 21:52:24
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 3.78.2.174 (ec2-3-78-2-174.eu-central-1.compute ...
show more
(mod_security) mod_security (id:210492) triggered by 3.78.2.174 (ec2-3-78-2-174.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 17:52:19.598969 2026] [security2:error] [pid 529242:tid 529242] [client 3.78.2.174:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.dentguyvt.com"] [uri "/.env.production"] [unique_id "allSkzEfCFNjAzEWtU24wAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-07-16 21:47:17
(22 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-16 21:15:13
(23 hours ago)
ModSecurity rule 949110 triggered on wp1. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐ณ๐ฑ
Site.eu
2026-07-16 20:55:30
(23 hours ago)
Excessive 404/403 errors
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-16 20:28:57
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.78.2.174 (ec2-3-78-2-174.eu-central-1.compute ...
show more
(mod_security) mod_security (id:210492) triggered by 3.78.2.174 (ec2-3-78-2-174.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:28:49.828983 2026] [security2:error] [pid 14875:tid 14875] [client 3.78.2.174:46728] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.crm.kircali.net"] [uri "/.env"] [unique_id "alk_AcV8g7-aY4UhTKL6mwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:56:51
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.78.2.174 (ec2-3-78-2-174.eu-central-1.compute ...
show more
(mod_security) mod_security (id:210492) triggered by 3.78.2.174 (ec2-3-78-2-174.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:56:46.007684 2026] [security2:error] [pid 28631:tid 28631] [client 3.78.2.174:2480] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "michaelpmcgrath.com"] [uri "/.env.prod"] [unique_id "alk3frv3wy9JauAoJvZj9gAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
myip.foo
2026-07-16 19:36:52
(1 day ago)
[myip.foo] 3.78.2.174 - - [16/Jul/2026:19:36:52 +0000] "GET /wp-config.php.bak HTTP/1.1" 404 156 "-" ...
show more
[myip.foo] 3.78.2.174 - - [16/Jul/2026:19:36:52 +0000] "GET /wp-config.php.bak HTTP/1.1" 404 156 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:52:39
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.78.2.174 (ec2-3-78-2-174.eu-central-1.compute ...
show more
(mod_security) mod_security (id:210492) triggered by 3.78.2.174 (ec2-3-78-2-174.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:48:12.929175 2026] [security2:error] [pid 32472:tid 32472] [client 3.78.2.174:12052] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kleens-uk.com"] [uri "/.env.staging"] [unique_id "alknbBInElgFaUChXRiksAAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack