๐ฎ๐ณ
evicky2002
2026-07-18 06:00:00
(10 hours ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
๐ณ๐ฑ
homeshowdomain.nl
2026-07-17 21:59:50
(18 hours ago)
Auto-ban: >3000 req/min op 2026-07-17
Web App Attack
SSH
Hacking
๐ฎ๐น
VHosting
2026-07-17 18:00:05
(22 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 17:07:18
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your- ...
show more
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 13:07:13.955925 2026] [security2:error] [pid 579:tid 579] [client 5.75.152.179:36614] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "inmosantanora.com"] [uri "/.env.example"] [unique_id "alphQQMhrli5Jv7HgmKGWQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 12:52:54
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your- ...
show more
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 08:52:48.301555 2026] [security2:error] [pid 31867:tid 31867] [client 5.75.152.179:44876] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restaurantehaowey.com"] [uri "/.env.template"] [unique_id "aloloOKhO_BsXB-NYH9fBwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Petros Stefanakis
2026-07-17 12:26:38
(1 day ago)
(mod_security) mod_security triggered on hostname [redacted] 5.75.152.179 (DE/Germany/static.179.152 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 5.75.152.179 (DE/Germany/static.179.152.75.5.clients.your-server.de)
show less
SQL Injection
๐บ๐ธ
Matthew Ping
2026-07-17 12:00:05
(1 day ago)
ModSecurity rule 949110 triggered on d865. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 11:57:27
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your- ...
show more
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 07:57:23.354301 2026] [security2:error] [pid 17189:tid 17189] [client 5.75.152.179:41478] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hydrogenplus.rejuvenationsystems.com"] [uri "/.env"] [unique_id "aloYozLNBxYIfzczeNZiewAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-17 11:35:48
(1 day ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 11:13:41
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your- ...
show more
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 07:13:34.799437 2026] [security2:error] [pid 20805:tid 20805] [client 5.75.152.179:50652] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.positivecreatespositive.zavijava.net"] [uri "/.env.local"] [unique_id "aloOXhLVcmMu08L2O4ebaAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
pixiekat
2026-07-17 11:13:02
(1 day ago)
[Fri Jul 17 12:13:01.763078 2026] [security2:error] [pid 1354899:tid 1354961] [client 5.75.152.179:3 ...
show more
[Fri Jul 17 12:13:01.763078 2026] [security2:error] [pid 1354899:tid 1354961] [client 5.75.152.179:39488] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/etc/apache2/modsecurity-crs/coreruleset/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [ver "OWASP_CRS/4.28.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "www.spacecadetgrrl.me"] [uri "/.env~"] [unique_id "aloOPQ52Uzmj414K0A0BKgAAAAw"]
[Fri Jul 17 12:13:01.891605 2026] [security2:error] [pid 1354899:tid 1354967] [client 5.75.152.179:39488] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/etc/apache2/modsecurity-crs/coreruleset/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.28.0"] [tag "anomaly-evaluation
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 10:56:28
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your- ...
show more
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 06:56:22.730414 2026] [security2:error] [pid 709944:tid 709944] [client 5.75.152.179:57884] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "inspiredsidekick.com"] [uri "/.env.production"] [unique_id "aloKVrxWQO7FTWNzUovPkwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-17 10:55:04
(1 day ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 10:27:34
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your- ...
show more
(mod_security) mod_security (id:210492) triggered by 5.75.152.179 (static.179.152.75.5.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 06:27:28.457143 2026] [security2:error] [pid 18182:tid 18241] [client 5.75.152.179:36480] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gabegabel.prismatik.com"] [uri "/.env.local"] [unique_id "aloDkLttFf6GhleaBeUUvAAAAE8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
TheWojtek
2026-07-17 08:40:41
(1 day ago)
[Fri Jul 17 10:40:40.820355 2026] [access_compat:error] [pid 2747450:tid 2747493] [client 5.75.152.1 ...
show more
[Fri Jul 17 10:40:40.820355 2026] [access_compat:error] [pid 2747450:tid 2747493] [client 5.75.152.179:56940] AH01797: client denied by server configuration: /var/www/nextcloud/config/production.json
...
show less
Brute-Force
Web App Attack