π³π±
wlt-blocker
2026-06-07 12:55:15
(36 minutes ago)
Unauthorized access to webpage admin
Web App Attack
2026-06-07 12:28:00
(1 hour ago)
fail2ban apache-modsecurity web [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [uri "/dev/. ...
show more
fail2ban apache-modsecurity web [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [uri "/dev/.env"]
show less
Web App Attack
π©πͺ
ger-stg-sifi1
2026-06-07 12:27:02
(1 hour ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-07 12:13:34
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 76.13.35.50 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 76.13.35.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 08:13:28.396352 2026] [security2:error] [pid 28291:tid 28291] [client 76.13.35.50:57304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karenbernsteinlaw.com"] [uri "/members/.env"] [unique_id "aiVgaIkevmGI1qWTQl8cngAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-06-07 10:07:16
(3 hours ago)
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ...
show more
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-197)
show less
Hacking
2026-06-07 09:05:08
(4 hours ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-06-07 06:43:49
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 76.13.35.50 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 76.13.35.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 02:43:45.865991 2026] [security2:error] [pid 19951:tid 19951] [client 76.13.35.50:28212] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "diveshop-pr.com"] [uri "/admin/.env"] [unique_id "aiUTIf27u66aQJvvotahHAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-07 05:00:29
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 76.13.35.50 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 76.13.35.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 01:00:23.309488 2026] [security2:error] [pid 7322:tid 7322] [client 76.13.35.50:50362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "digi-estudio.com"] [uri "/dev/.env"] [unique_id "aiT65_YmKdIUhhpVWmuD3wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
consul.to
2026-06-07 04:30:18
(9 hours ago)
Web attack/malicious scanning detected
Web App Attack
π«π·
masterguru
2026-06-07 04:08:17
(9 hours ago)
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ...
show more
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-201)
show less
Hacking
πΊπΈ
TPI-Abuse
2026-06-07 04:01:28
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 76.13.35.50 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 76.13.35.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 00:01:25.096621 2026] [security2:error] [pid 23485:tid 23517] [client 76.13.35.50:53640] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "letterstomyhusband.com"] [uri "/admin/.env"] [unique_id "aiTtFfp-3OgulesuHZXI4wAAAJg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
zynex
2026-06-07 03:04:47
(10 hours ago)
URL Probing: /.env
Web App Attack
π·πΊ
DZBOT
2026-06-07 02:51:00
(10 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
π³π±
Savvii
2026-06-07 02:29:42
(11 hours ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-06-07 02:06:59
(11 hours ago)
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ...
show more
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-193)
show less
Hacking