๐จ๐ญ
backslash
2026-07-09 06:57:01
(17 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ฌ๐ง
consul.to
2026-07-08 19:50:46
(1 day ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
nyt
2026-07-08 18:11:01
(1 day ago)
Web Shell Upload
Hacking
Web App Attack
๐ซ๐ท
Octopuce
2026-07-08 11:40:43
(1 day ago)
Aggressive web search of vulnerable pages: /wp-content/plugins/wordpress-seo/wp-seo-main-float.php / ...
show more
Aggressive web search of vulnerable pages: /wp-content/plugins/wordpress-seo/wp-seo-main-float.php /wp-content/plugins/enhanced-text-widget/ana ...
show less
Web App Attack
๐ฌ๐ง
SilverZippo
2026-06-30 14:50:38
(1 week ago)
Web App Attack
Web App Attack
๐ฏ๐ต
demonsword
2026-06-30 09:51:26
(1 week ago)
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ...
show more
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.cyberghostvpn.com:443
show less
Open Proxy
Port Scan
๐ซ๐ท
IRISIO
2026-06-08 10:15:55
(1 month ago)
scans/SQL injection/spam posts : 307 queries
Web App Attack
SQL Injection
๐ซ๐ท
IRISIO
2026-06-08 08:02:34
(1 month ago)
scans/SQL injection/spam posts : 231 queries
Web App Attack
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-05-28 02:28:09
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 82.118.30.38 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.30.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 22:28:03.441532 2026] [security2:error] [pid 16456:tid 16466] [client 82.118.30.38:30159] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.doorways.dk"] [uri "/.env.production"] [unique_id "aheoM01KMAc3zsWOtejiDgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-05-28 01:35:29
(1 month ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/backend/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 16:53:26
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 82.118.30.38 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.30.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 12:53:17.234442 2026] [security2:error] [pid 13034:tid 13034] [client 82.118.30.38:41709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keystroke.info"] [uri "/.env.dev"] [unique_id "ahR-fS0Ei5e_2RdxwiIIfAAAADY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 16:10:04
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 82.118.30.38 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.30.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 12:09:55.967700 2026] [security2:error] [pid 7487:tid 7487] [client 82.118.30.38:54251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ficklepassion.com"] [uri "/.env"] [unique_id "ahR0U2j1OR8L1Bcutd6qrgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 14:59:31
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 82.118.30.38 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.30.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 10:59:25.474951 2026] [security2:error] [pid 13457:tid 13457] [client 82.118.30.38:47201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yerevanpress.am"] [uri "/api/.env"] [unique_id "ahRjzRbtdmdT9N8OKlPfGAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 14:33:04
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 82.118.30.38 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.30.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 10:32:52.169583 2026] [security2:error] [pid 23347:tid 23347] [client 82.118.30.38:40853] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "venturecg.com"] [uri "/.env.staging"] [unique_id "ahRdlL6RsZY9_Kyz715FWgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
Anytech
2026-05-25 13:33:57
(1 month ago)
Blocked by Conn-Monitor: Web scanning activity
Hacking
Web App Attack