๐บ๐ธ
MatCat
2026-07-18 09:34:56
(12 hours ago)
Banned by fail2ban: apache-webprobe
Port Scan
Bad Web Bot
๐ฎ๐ณ
evicky2002
2026-07-18 06:00:00
(15 hours ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
๐ณ๐ฑ
homeshowdomain.nl
2026-07-17 22:03:47
(23 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-16.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
cyfordtechnologies.com
2026-07-17 15:24:20
(1 day ago)
Non-human high traffic: 8/7 : Reported by Cyford API
DDoS Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 13:27:26
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 09:27:20.373498 2026] [security2:error] [pid 12263:tid 12263] [client 44.254.208.253:34534] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wandathelittlestwizard.dvdmasters.com"] [uri "/.env.local"] [unique_id "alotuAtsMxxurUEpw-Se9gAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 12:44:29
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 08:44:24.676645 2026] [security2:error] [pid 11844:tid 11844] [client 44.254.208.253:13018] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "renperfco.com"] [uri "/.env.backup"] [unique_id "alojqJgw2hQF6ym6uzJkKQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 10:48:29
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 06:48:23.521068 2026] [security2:error] [pid 3895511:tid 3895511] [client 44.254.208.253:46386] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "20dekopas.com"] [uri "/.env"] [unique_id "aloId7pJQqqnojW_-SEK3wAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-17 10:13:59
(1 day ago)
Excessive multi-domain requests
Brute-Force
Anonymous
2026-07-17 08:52:12
(1 day ago)
Bot / seems abusive / Apache connections: 23
DDoS Attack
Web Spam
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:20:43
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:20:39.900931 2026] [security2:error] [pid 13102:tid 13102] [client 44.254.208.253:37178] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barbaraedidin.com"] [uri "/.env.dist"] [unique_id "alnl12ObyQqNysWiAomeEgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:04:38
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.co ...
show more
(mod_security) mod_security (id:210730) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:04:32.010481 2026] [security2:error] [pid 410837:tid 410837] [client 44.254.208.253:49766] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||newcastle91.org|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "newcastle91.org"] [uri "/config/master.key"] [unique_id "alniEIV7h6-3_73t-MUuugAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-07-17 08:00:26
(1 day ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:46:56
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:46:49.702673 2026] [security2:error] [pid 437868:tid 437868] [client 44.254.208.253:13150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.clinicacero.carpascarpe.com"] [uri "/.env.production"] [unique_id "alnd6RuByObWj9yjAHf5NgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
IRISIO
2026-07-17 07:34:12
(1 day ago)
scans/SQL injection/spam posts : 18 queries
Web App Attack
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-17 06:58:17
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 44.254.208.253 (ec2-44-254-208-253.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:58:13.525573 2026] [security2:error] [pid 9408:tid 9408] [client 44.254.208.253:13668] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ourcritterguy.com"] [uri "/.env"] [unique_id "alnShYnNiq1IzD8roMVkDQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack