๐บ๐ธ
Matthew Ping
2026-07-18 17:45:01
(1 hour ago)
ModSecurity rule 949110 triggered on wp1. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐ซ๐ท
masterguru
2026-07-18 15:00:58
(4 hours ago)
Restricted File Access Attempt. Matched phrase ".gitlab-ci.yml" at REQUEST_FILENAME. (930130-195)
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-07-18 14:14:02
(4 hours ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 11:47:03
(7 hours ago)
(mod_security) mod_security (id:210730) triggered by 8.234.158.91 (91.158.234.8.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210730) triggered by 8.234.158.91 (91.158.234.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 07:46:59.396898 2026] [security2:error] [pid 24306:tid 24306] [client 8.234.158.91:37692] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||portraitgalleria.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "portraitgalleria.com"] [uri "/z9x8c7v6b5-debug-trigger-portraitgalleria.com"] [unique_id "altnsz3Hf9L0Af7CdO2zCQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-07-18 11:42:00
(7 hours ago)
block ruleset WAF detection and high score on abuseIPDB 149EB1B42C242111FADBBC2EF8F90219570691E1
Bad Web Bot
Anonymous
2026-07-18 11:32:05
(7 hours ago)
Bot / scanning and/or hacking attempts: GET /api/.env HTTP/1.1, GET /.aws/credentials HTTP/1.1, GET ...
show more
Bot / scanning and/or hacking attempts: GET /api/.env HTTP/1.1, GET /.aws/credentials HTTP/1.1, GET /.aws/config HTTP/1.1, POST /graphql HTTP/1.1, GET /.git-credentials HTTP/1.1, GET /.env.production HTTP/1.1, GET / HTTP/1.1, GET /webpack-stats.json HTTP/1.1, GET /.env.example HTTP/1.1, GET /rclone.conf HTTP/1.1, GET /.env.old HTTP/1.1, GET /.gitlab-ci.yml HTTP/1.1, GET /.github/workflows/deploy.yml HTTP/2.0, GET /.env.local HTTP/1.1, GET /.git-credentials HTTP/2.0, GET /.env.bak HTTP/1.1, GET /.gitconfig HTTP/1.1, GET /wp-json HTTP/1.1, GET /.env.backup HTTP/1.1, GET /.env HTTP/1.1, GET /.github/workflows/deploy.yml HTTP/1.1
show less
Hacking
Web App Attack
๐ฉ๐ช
tentwentyfour
2026-07-18 11:32:02
(7 hours ago)
Blocked for probing for sensitive web application components
Brute-Force
Web App Attack
๐ฌ๐ง
consul.to
2026-07-18 11:29:25
(7 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 10:29:14
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.234.158.91 (91.158.234.8.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 8.234.158.91 (91.158.234.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 06:29:07.596038 2026] [security2:error] [pid 31631:tid 31717] [client 8.234.158.91:40054] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beelineproductions.com"] [uri "/.git/HEAD"] [unique_id "altVc23n7gw4UG8XZbvR8QAAAUg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-18 10:23:40
(8 hours ago)
[osotir.org] httpd-config-scan: sites=www.orthodoxpublications.com; logs=/var/log/httpd/domains/orth ...
show more
[osotir.org] httpd-config-scan: sites=www.orthodoxpublications.com; logs=/var/log/httpd/domains/orthodoxpublications.com.log; samples=/.hermes/.env | /core/.env | /.env.php.bak
show less
Hacking
Web App Attack
๐ฉ๐ช
SCHAPPY
2026-07-18 10:07:07
(8 hours ago)
Bad bot identified by user agent
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-18 10:02:16
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.234.158.91 (91.158.234.8.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 8.234.158.91 (91.158.234.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 06:02:08.663954 2026] [security2:error] [pid 48770:tid 48770] [client 8.234.158.91:36032] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "remote911.net"] [uri "/.env.example"] [unique_id "altPIImDzUJWfCyN2DxVWQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
Origon
2026-07-18 09:43:56
(9 hours ago)
http-sensitive-files - IP: 8.234.158.91 - time="2026-07-18T11:43:56+02:00" level=info msg="(555f66b ...
show more
http-sensitive-files - IP: 8.234.158.91 - time="2026-07-18T11:43:56+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 8.234.158.91 (US/396982) : 4h ban on Ip 8.234.158.91" module=db
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 09:06:42
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.234.158.91 (91.158.234.8.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 8.234.158.91 (91.158.234.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 05:06:33.794764 2026] [security2:error] [pid 221013:tid 221013] [client 8.234.158.91:33334] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honer.org"] [uri "/.svn/entries"] [unique_id "altCGcSKL42RuDKhSkL4LQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-07-18 08:14:43
(10 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack