Anonymous
2026-07-10 01:05:53
(28 minutes ago)
"GET /wp-content/blogs.dir/about.php HTTP/1.1"
Hacking
Web App Attack
Anonymous
2026-07-09 23:00:02
(2 hours ago)
suspicious request in access.log
Web App Attack
π¨π¦
SSH-Admin
2026-07-09 21:41:35
(3 hours ago)
Probing for Exploits on ns153
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 20:30:51
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 16:30:30.906036 2026] [security2:error] [pid 19074:tid 19074] [client 64.112.57.182:47689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.creartest.com"] [uri "/.env.dev"] [unique_id "alAE5h1nF9tYRwrBZGjRqQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
backslash
2026-07-09 19:42:00
(5 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-09 17:14:15
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 13:13:59.516933 2026] [security2:error] [pid 11876:tid 11876] [client 64.112.57.182:60537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iclog.us"] [uri "/.env.dev.local"] [unique_id "ak_W14yvwKIf8m0KjU-3zgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
ipblock.com
2026-07-09 09:24:00
(16 hours ago)
IPBlock protected site ID [4055-d][s=02].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 09:08:14
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 05:07:57.784788 2026] [security2:error] [pid 20395:tid 20395] [client 64.112.57.182:48745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "panierduvillage.com"] [uri "/.env.development.local"] [unique_id "ak9k7czrX1FC1_6szIPRewAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 06:53:40
(18 hours ago)
Sensitive Configuration File Disclosure.
Hacking
πΊπΈ
TPI-Abuse
2026-07-09 01:22:51
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 21:22:31.581786 2026] [security2:error] [pid 14198:tid 14198] [client 64.112.57.182:35681] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "verenacastle.com"] [uri "/.env.dev.local"] [unique_id "ak7310LgfOmTlY43o4_hXQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π¦
polycoda
2026-07-08 23:43:39
(1 day ago)
π₯Ά Part of a DDoS attack wave
DDoS Attack
π¨π¦
polycoda
2026-07-08 21:48:26
(1 day ago)
π₯Ά Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
πΊπΈ
TPI-Abuse
2026-07-08 17:32:13
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 13:31:51.771441 2026] [security2:error] [pid 13603:tid 13603] [client 64.112.57.182:59581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caferutadelaseda.com"] [uri "/.env.dev"] [unique_id "ak6Jh5cgaph9KmhSVHEUQAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π·πΊ
OK
2026-07-08 17:06:43
(1 day ago)
HTTP/HTTPS
Hacking
Web App Attack