๐ซ๐ท
Octopuce
2026-07-05 21:23:13
(17 hours ago)
Aggressive web search of vulnerable pages: /phpinfo.php /info.php /test.php /temp.php /api/phpinfo.p ...
show more
Aggressive web search of vulnerable pages: /phpinfo.php /info.php /test.php /temp.php /api/phpinfo.php /cgi-bin/phpinfo.php /infophp.php /app_d ...
show less
Web App Attack
๐ฉ๐ช
R.G.
2026-07-05 19:14:08
(19 hours ago)
(ScanningForFiles) Scanning for files triggerd 54.255.211.225 (SG/Singapore/ec2-54-255-211-225.ap-so ...
show more
(ScanningForFiles) Scanning for files triggerd 54.255.211.225 (SG/Singapore/ec2-54-255-211-225.ap-southeast-1.compute.amazonaws.com): 10 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ง๐ช
cmbplf
2026-07-03 18:43:50
(2 days ago)
164 requests with url.path *phpinfo.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-03 15:29:29
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 54.255.211.225 (ec2-54-255-211-225.ap-southeast ...
show more
(mod_security) mod_security (id:210492) triggered by 54.255.211.225 (ec2-54-255-211-225.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 11:29:23.035619 2026] [security2:error] [pid 27661:tid 27661] [client 54.255.211.225:56816] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.chevronparkett.com"] [uri "/.env"] [unique_id "akfVU0SF_BKzcG1UPLIuBQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
Anytech
2026-07-03 02:03:26
(3 days ago)
Blocked by Conn-Monitor: Web scanning activity
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 18:34:37
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 54.255.211.225 (ec2-54-255-211-225.ap-southeast ...
show more
(mod_security) mod_security (id:210492) triggered by 54.255.211.225 (ec2-54-255-211-225.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 14:34:29.852330 2026] [security2:error] [pid 8792:tid 8792] [client 54.255.211.225:51896] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.davefortier.com"] [uri "/.env"] [unique_id "akavNcpZ9h8U33KC5HvIqgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 17:03:19
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 54.255.211.225 (ec2-54-255-211-225.ap-southeast ...
show more
(mod_security) mod_security (id:210492) triggered by 54.255.211.225 (ec2-54-255-211-225.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 13:03:15.893682 2026] [security2:error] [pid 21419:tid 21419] [client 54.255.211.225:42028] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "more-grace.com"] [uri "/.env"] [unique_id "akaZ0x7lGKWfZ_vhBYENCQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
voormedia
2026-07-02 02:04:32
(4 days ago)
Accessed trap at '/phpinfo.php'
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 21:58:35
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 54.255.211.225 (ec2-54-255-211-225.ap-southeast ...
show more
(mod_security) mod_security (id:210492) triggered by 54.255.211.225 (ec2-54-255-211-225.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:58:29.192373 2026] [security2:error] [pid 28368:tid 28368] [client 54.255.211.225:55934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.n4fh.com"] [uri "/category/ramblings/.env"] [unique_id "akWNhTR-95yPnhPvtI8TPQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-01 17:15:06
(4 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack