๐บ๐ธ
nyt
2026-07-08 18:11:20
(15 hours ago)
404 flood (16/60s), 404 flood (17/60s)
Bad Web Bot
Web App Attack
๐ฉ๐ช
conseilgouz
2026-06-30 22:30:12
(1 week ago)
mae-21 : Rogue PHP files=>/adminer.php
Hacking
Anonymous
2026-06-30 20:19:42
(1 week ago)
82.118.30.42 - - [30/Jun/2026:17:19:32 -0300] "GET /adminer.php HTTP/1.1" 404 1185 "-" "Mozilla/5.0 ...
show more
82.118.30.42 - - [30/Jun/2026:17:19:32 -0300] "GET /adminer.php HTTP/1.1" 404 1185 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
82.118.30.42 - - [30/Jun/2026:17:19:39 -0300] "GET /adminer.php HTTP/1.1" 404 826 "https://guiasorocabano.com.br/adminer.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0"
...
show less
Port Scan
๐ฑ๐ป
garmtech.com
2026-06-30 16:22:15
(1 week ago)
Attempted access to sensitive endpoint (/adminer.php) detected. Automated scan or unauthorized probi ...
show more
Attempted access to sensitive endpoint (/adminer.php) detected. Automated scan or unauthorized probing.
show less
Web App Attack
๐ฌ๐ง
SilverZippo
2026-06-30 14:50:37
(1 week ago)
Web App Attack
Web App Attack
๐ซ๐ท
IRISIO
2026-06-08 08:02:37
(1 month ago)
scans/SQL injection/spam posts : 66 queries
Web App Attack
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-05-25 17:50:43
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 13:50:36.293246 2026] [security2:error] [pid 3855:tid 3917] [client 82.118.30.42:56147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mykfccares.com"] [uri "/.env.dev"] [unique_id "ahSL7F2CtWa2PQYrISOeAQAAANc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 17:16:39
(1 month ago)
(mod_security) mod_security (id:949110) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:949110) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 13:16:26.872437 2026] [security2:error] [pid 8118:tid 8118] [client 82.118.30.42:35717] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "experimentalscene.com"] [uri "/.env.production"] [unique_id "ahSD6mFKbfem5vazQMg1GwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-05-25 17:10:18
(1 month ago)
[Tue May 26 03:10:17.850698 2026] [security2:error] [pid 144325] [client 82.118.30.42:50601] [client ...
show more
[Tue May 26 03:10:17.850698 2026] [security2:error] [pid 144325] [client 82.118.30.42:50601] [client 82.118.30.42] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "balcomberetreat.com.au"] [uri "/app/.env"] [unique_id "ahSCec91g2eELQjQbhY-dwAAAE0"]
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 14:59:15
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 10:59:08.538443 2026] [security2:error] [pid 4706:tid 4706] [client 82.118.30.42:38415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yerevanpress.am"] [uri "/.env.staging"] [unique_id "ahRjvA7KXG0bHK0kgRhoHAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 14:32:44
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 10:32:40.943389 2026] [security2:error] [pid 8938:tid 8938] [client 82.118.30.42:51931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "venturecg.com"] [uri "/.env.local"] [unique_id "ahRdiI8l_xnDqmSuSfHh8AAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 12:12:02
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 08:11:55.623404 2026] [security2:error] [pid 29624:tid 29624] [client 82.118.30.42:31615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ficklepassionproductions.com"] [uri "/.env.prod"] [unique_id "ahQ8ixD9Bp-WFQuI7VQTgAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-05-25 09:12:07
(1 month ago)
Web attack/malicious scanning detected
Web App Attack
๐ฉ๐ช
raph
2026-05-23 04:57:33
(1 month ago)
[Wordpress] crawler /wp-admin/*, /wp-content/*, etc.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-14 08:15:46
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 82.118.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 04:15:42.133642 2026] [security2:error] [pid 29997:tid 30009] [client 82.118.30.42:45105] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.howlerrock.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.howlerrock.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "agWEri3yMQNded-fJxeDDgAAAQc"]
show less
Brute-Force
Bad Web Bot
Web App Attack