๐ฎ๐ฉ
zam
2026-07-18 08:52:53
(33 minutes ago)
37.214.65.19 - - [18/Jul/2026:08:52:48 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin. ...
show more
37.214.65.19 - - [18/Jul/2026:08:52:48 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 302 304
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 08:41:29
(45 minutes ago)
(mod_security) mod_security (id:210492) triggered by 37.214.65.19 (mm-19-65-214-37.mgts.dynamic.pppo ...
show more
(mod_security) mod_security (id:210492) triggered by 37.214.65.19 (mm-19-65-214-37.mgts.dynamic.pppoe.byfly.by): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 04:41:23.572233 2026] [security2:error] [pid 2264:tid 2264] [client 37.214.65.19:1046] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pencilnerd.com"] [uri "/.env.bak"] [unique_id "als8MwAP5fpAlnMnR3PHhAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 05:52:05
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 37.214.65.19 (mm-19-65-214-37.mgts.dynamic.pppo ...
show more
(mod_security) mod_security (id:210492) triggered by 37.214.65.19 (mm-19-65-214-37.mgts.dynamic.pppoe.byfly.by): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 01:51:59.939363 2026] [security2:error] [pid 10374:tid 10374] [client 37.214.65.19:5857] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peaksalesnw.com"] [uri "/.env.bak"] [unique_id "alsUf7uGk3s7skzIUumVIQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-07-18 05:29:53
(3 hours ago)
[redacted] 37.214.65.19 - - [18/Jul/2026:06:29:50 +0100] "GET /.[redacted] HTTP/2.0" 301 123 "-" "Mo ...
show more
[redacted] 37.214.65.19 - - [18/Jul/2026:06:29:50 +0100] "GET /.[redacted] HTTP/2.0" 301 123 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246" [redacted] 37.214.65.19 - - [18/Jul/2026:06:29:51 +0100] "GET /fr/.[redacted]/ HTTP/2.0" 404 26598 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
mygcode.de
2026-07-18 04:14:22
(5 hours ago)
Scanning for Exploits
Bad Web Bot
๐บ๐ฆ
URAN Publishing Service
2026-07-18 04:07:38
(5 hours ago)
37.214.65.19 - - [18/Jul/2026:07:07:37 +0300] "GET /.env.bak HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Win ...
show more
37.214.65.19 - - [18/Jul/2026:07:07:37 +0300] "GET /.env.bak HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"
37.214.65.19 - - [18/Jul/2026:07:07:38 +0300] "GET /.env.local HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 03:12:27
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 37.214.65.19 (mm-19-65-214-37.mgts.dynamic.pppo ...
show more
(mod_security) mod_security (id:210492) triggered by 37.214.65.19 (mm-19-65-214-37.mgts.dynamic.pppoe.byfly.by): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 23:12:22.554851 2026] [security2:error] [pid 784:tid 784] [client 37.214.65.19:4870] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pcmec.com"] [uri "/.env.bak"] [unique_id "alrvFj5EsXD6I171HJnpSwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-18 02:45:03
(6 hours ago)
ModSecurity rule 949110 triggered on dedicated. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
Anonymous
2026-07-18 00:15:23
(9 hours ago)
Aggressive web scan
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-07-17 22:28:48
(10 hours ago)
dot file probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 22:05:59
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 37.214.65.19 (mm-19-65-214-37.mgts.dynamic.pppo ...
show more
(mod_security) mod_security (id:210492) triggered by 37.214.65.19 (mm-19-65-214-37.mgts.dynamic.pppoe.byfly.by): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 18:05:52.568775 2026] [security2:error] [pid 14968:tid 14968] [client 37.214.65.19:5543] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "passy.us"] [uri "/.env.bak"] [unique_id "alqnQP388F1YQvQzXq1PeAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-17 22:01:57
(11 hours ago)
Excessive multi-domain requests
Brute-Force
๐ญ๐บ
kranem
2026-07-17 21:00:20
(12 hours ago)
Triggered Cloudflare WAF from BY.
Action taken: BLOCK
ASN: 6697 (Republican Unitary Telecommunicatio ...
show more
Triggered Cloudflare WAF from BY.
Action taken: BLOCK
ASN: 6697 (Republican Unitary Telecommunication Enterprise Beltelecom)
Protocol: HTTP/1.1 (GET method)
Endpoint: /server/.env
Timestamp: 2026-07-17T19:41:56Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-17 20:55:40
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 37.214.65.19 (mm-19-65-214-37.mgts.dynamic.pppo ...
show more
(mod_security) mod_security (id:210492) triggered by 37.214.65.19 (mm-19-65-214-37.mgts.dynamic.pppoe.byfly.by): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 16:55:33.773791 2026] [security2:error] [pid 27180:tid 27180] [client 37.214.65.19:4080] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pasdesinfos.com"] [uri "/.env.bak"] [unique_id "alqWxZADlngYYsldp7SXrgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Lezetho
2026-07-17 20:00:20
(13 hours ago)
DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare
DDoS Attack
Email Spam
Hacking
Brute-Force