Anonymous
2026-06-19 07:06:52
(1 week ago)
Trying to access config files
Web App Attack
Anonymous
2026-06-19 05:00:49
(1 week ago)
<jail> banned by fail2ban
Brute-Force
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-19 04:06:07
(1 week ago)
Wordpress malicious attack:[octablocked]
Web App Attack
๐ท๐บ
DZBOT
2026-06-18 07:29:49
(1 week ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 07:16:26
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 102.129.234.158 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 102.129.234.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 03:16:23.519764 2026] [security2:error] [pid 25497:tid 25500] [client 102.129.234.158:7038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kyrameadows.com"] [uri "/.env"] [unique_id "ajObR9G8qNRh5F6QCx49bgAAAUE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 07:01:04
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 102.129.234.158 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 102.129.234.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 03:00:58.467188 2026] [security2:error] [pid 23675:tid 23675] [client 102.129.234.158:16138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.yakski.com"] [uri "/.env"] [unique_id "ajOXqvCvgTpmhFl4BRBnDwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 06:40:06
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 102.129.234.158 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 102.129.234.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 02:40:02.273474 2026] [security2:error] [pid 5218:tid 5218] [client 102.129.234.158:21311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.proprocessor.com"] [uri "/.env"] [unique_id "ajOSwo77GvbZj0DufBIF8QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
Anytech
2026-06-18 06:20:00
(1 week ago)
Blocked by Conn-Monitor: Web scanning activity
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 06:17:13
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 102.129.234.158 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 102.129.234.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 02:17:09.510485 2026] [security2:error] [pid 26082:tid 26082] [client 102.129.234.158:31223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gemco-mfg.com"] [uri "/.env"] [unique_id "ajONZUYRqgobOh-JDAn4RwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob.fr
2026-06-18 06:15:06
(1 week ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐ณ๐ฑ
MM-bot
2026-06-18 06:06:40
(1 week ago)
URL-probe: HTTP/1.1 GET request on /.env (2026-06-18 08:06:40 UTC+2)
Web App Attack
Hacking
๐ต๐ฑ
lns.bz
2026-06-18 05:44:47
(1 week ago)
Web app attack [PL.Lu]
Exploited Host
Web App Attack
Anonymous
2026-06-18 05:28:08
(1 week ago)
102.129.234.158 - - [18/Jun/2026:07:27:41 +0200] "GET /.env HTTP/1.1" 403 124 "-" "Mozilla/5.0 (Maci ...
show more
102.129.234.158 - - [18/Jun/2026:07:27:41 +0200] "GET /.env HTTP/1.1" 403 124 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
102.129.234.158 - - [18/Jun/2026:07:27:53 +0200] "GET /.env HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
102.129.234.158 - - [18/Jun/2026:07:27:53 +0200] "GET /.env HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
102.129.234.158 - - [18/Jun/2026:07:27:58 +0200] "GET /.env HTTP/1.1" 404 447 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
102.129.234.158 - - [18/Jun/2026:07:27:58 +0200] "GET /.env HTTP/1.1" 404 249 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
102.129.234.158 - - [18/Jun/2026:07:27:58 +0200] "GET /.env HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefo
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
ArturShelby
2026-06-18 05:20:37
(1 week ago)
Critical file access: /.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 05:14:01
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 102.129.234.158 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 102.129.234.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 01:13:55.229126 2026] [security2:error] [pid 29756:tid 29756] [client 102.129.234.158:6724] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "terrybeachmusic.com"] [uri "/.env"] [unique_id "ajN-k3coHnpBafMuejaRwgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack