๐ช๐ธ
offensivesentinel
2026-07-06 06:40:19
(21 minutes ago)
ModSecurity rule violation on iesmonterroso.org
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 03:25:29
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 23:25:24.298079 2026] [security2:error] [pid 11157:tid 11157] [client 82.147.67.198:49698] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "harmonyexpos.com"] [uri "/public/.env"] [unique_id "aksgJJaT6Lf48dCIkDEhPgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 23:55:12
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 19:55:02.626927 2026] [security2:error] [pid 20797:tid 20797] [client 82.147.67.198:45142] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barriebrown.com"] [uri "/www/.env"] [unique_id "akru1mf8TgFybazI2pcbgQAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-05 23:44:45
(7 hours ago)
Try to access /.env
Web App Attack
๐ช๐ธ
pipeline.es
2026-07-05 22:21:12
(8 hours ago)
Web scanning / probing for vulnerable paths | URL: /web/.env.save | Evidence: ofertravel.es 82.147.6 ...
show more
Web scanning / probing for vulnerable paths | URL: /web/.env.save | Evidence: ofertravel.es 82.147.67.198 - - [06/Jul/2026:00:20:54 +0200] \"GET /web/.env.save HTTP/1.1\" 404 19515 \"-\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36\" GEOIP_COUNTRY_CODE=RU | ASN: Adman LLC | Country: RU
show less
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 22:18:18
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 18:18:10.398555 2026] [security2:error] [pid 8719:tid 8719] [client 82.147.67.198:54690] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nodepot.com"] [uri "/public/.env"] [unique_id "akrYIpE0X9Bc_T9u1p_1cQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 20:53:58
(10 hours ago)
(caddyscan) Scanner path probe from 82.147.67.198 (RU/Russia/-): 5 in the last 3600 secs; Ports: *; ...
show more
(caddyscan) Scanner path probe from 82.147.67.198 (RU/Russia/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 82.147.67.198 - - [05/Jul/2026:20:53:50 +0000] "GET /xmlrpc.php HTTP/1.1"
[REDACTED] 200 2627 82.147.67.198 - - [05/Jul/2026:20:53:50 +0000] "GET /wp-login.php HTTP/1.1"
[REDACTED] 200 2627 82.147.67.198 - - [05/Jul/2026:20:53:52 +0000] "GET /wp-login.php HTTP/1.1"
[REDACTED] 200 2627 82.147.67.198 - - [05/Jul/2026:20:53:53 +0000] "GET /xmlrpc.php HTTP/1.1"
[REDACTED] 200 2627 82.147.67.198 - - [05/Jul/2026:20:53:53 +0000] "GET /wp-login.php HTTP/1.1"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-05 11:54:50
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 07:54:41.561639 2026] [security2:error] [pid 22474:tid 22474] [client 82.147.67.198:50670] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weat.net"] [uri "/public/.env"] [unique_id "akpGAQUcJcEYyHhkITwIhAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 06:58:43
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 02:58:33.244252 2026] [security2:error] [pid 13733:tid 13866] [client 82.147.67.198:59130] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geekshop.com"] [uri "/html/.env"] [unique_id "akoAmXkWzuC4IxR1VWXIQwAAAVQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-05 03:38:00
(1 day ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 00:16:51
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 20:16:43.135327 2026] [security2:error] [pid 14161:tid 14161] [client 82.147.67.198:52036] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sparler.com"] [uri "/public/.env"] [unique_id "akmia1DL6RYI1h73yYgazAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-04 14:38:08
(1 day ago)
Excessive 404/403 errors
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-04 08:44:04
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 82.147.67.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 04:43:55.159303 2026] [security2:error] [pid 13141:tid 13141] [client 82.147.67.198:54388] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thorhauer.com"] [uri "/public/.env"] [unique_id "akjHywibcdtrYiKEseE-XwAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-07-03 00:12:03
(3 days ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ซ๐ท
IRISIO
2026-07-01 14:02:49
(4 days ago)
scans/SQL injection/spam posts : 70 queries
Web App Attack
SQL Injection