π·πΊ
DZBOT
2026-07-17 04:53:55
(1 hour ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2026-07-17 02:33:48
(3 hours ago)
Bot detected scanning for vulnerable pages
Port Scan
πΊπΈ
TPI-Abuse
2026-07-17 02:09:27
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 63.179.110.192 (ec2-63-179-110-192.eu-central-1 ...
show more
(mod_security) mod_security (id:210492) triggered by 63.179.110.192 (ec2-63-179-110-192.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 22:09:20.336237 2026] [security2:error] [pid 125070:tid 125070] [client 63.179.110.192:38990] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "base86com.epetsure.co"] [uri "/.git/config"] [unique_id "almO0KpWeQFWTdnCfM1BCwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-07-17 00:59:45
(5 hours ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
πΊπΈ
OceanTreasure
2026-07-16 14:17:20
(16 hours ago)
tcp/443; WordPress admin access attempt: "GET /wp-admin/phpinfo.php" @ 2026-07-16T14:07:40Z [proxy]
Web App Attack
π«π·
COMAITE
2026-07-16 12:30:53
(17 hours ago)
Suspicious URL access.
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 07:32:25
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 63.179.110.192 (ec2-63-179-110-192.eu-central-1 ...
show more
(mod_security) mod_security (id:210492) triggered by 63.179.110.192 (ec2-63-179-110-192.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 03:32:19.313564 2026] [security2:error] [pid 16960:tid 17002] [client 63.179.110.192:41012] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "reciwee.andyboynton.com"] [uri "/.git/config"] [unique_id "aliJA9XBJ2NJ90Jgz1JXHgAAAIY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
Octopuce
2026-07-16 05:32:44
(1 day ago)
Aggressive web search of vulnerable pages: /.env /.env.local /app/.env /apps/.env /api/.env ...
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 05:14:08
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 63.179.110.192 (ec2-63-179-110-192.eu-central-1 ...
show more
(mod_security) mod_security (id:210492) triggered by 63.179.110.192 (ec2-63-179-110-192.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 01:14:04.098262 2026] [security2:error] [pid 13192:tid 13192] [client 63.179.110.192:46380] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "recetabook.com"] [uri "/.git/config"] [unique_id "alhonCVL2vDkrQfRF7HBRQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΈπͺ
vaia.cloud
2026-07-16 05:10:04
(1 day ago)
trying wp-login.php/xmlrpc.php 213 times in 1 minutes
Brute-Force
Web App Attack
π§πΎ
lns.bz
2026-07-16 02:06:06
(1 day ago)
Too many 404 requests [BY]
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 00:24:31
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 63.179.110.192 (ec2-63-179-110-192.eu-central-1 ...
show more
(mod_security) mod_security (id:210492) triggered by 63.179.110.192 (ec2-63-179-110-192.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:24:26.426684 2026] [security2:error] [pid 14060:tid 14216] [client 63.179.110.192:52864] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "reattaforsale.com"] [uri "/.git/config"] [unique_id "algkuuIx9nfzCOCNmE3zZAAAApA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-07-15 22:01:06
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-14.
show less
Web App Attack
SSH
Hacking
π©πͺ
Dominik Lysiak
2026-07-15 15:48:02
(1 day ago)
63.179.110.192 - - [15/Jul/2026:17:48:01 +0200] "GET /.git/config HTTP/1.1" 200 1140 "-" "Mozilla/5. ...
show more
63.179.110.192 - - [15/Jul/2026:17:48:01 +0200] "GET /.git/config HTTP/1.1" 200 1140 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
63.179.110.192 - - [15/Jul/2026:17:48:01 +0200] "GET /.env HTTP/1.1" 200 1140 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
63.179.110.192 - - [15/Jul/2026:17:48:01 +0200] "GET /.env.local HTTP/1.1" 200 1140 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Web App Attack
π©πͺ
updown.io
2026-07-15 13:11:52
(1 day ago)
{"level":"info","ts":1784121111.9244478,"logger":"http.log.access.log1","msg":"handled request","req ...
show more
{"level":"info","ts":1784121111.9244478,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"63.179.110.192","remote_port":"33962","client_ip":"63.179.110.192","proto":"HTTP/1.1","method":"GET","host":"status.1e.ca","uri":"/.env.development","headers":{"Accept":["*/*"],"Connection":["keep-alive"],"Next-Action":["x"],"X-Nextjs-Request-Id":["052e831b"],"Cookie":["REDACTED"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"],"Accept-Encoding":["gzip, deflate"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"http/1.1","server_name":"status.1e.ca","ech":false}},"bytes_read":0,"user_id":"","duration":0.000158893,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}}
{"level":"info","ts":1784121111.9271522,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"63.179.110.192","re
...
show less
DDoS Attack
Web App Attack