๐ฉ๐ช
LRob
2026-06-28 13:00:10
(4 days ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ธ๐ช
shab
2026-06-16 21:35:53
(2 weeks ago)
Repeated VPN Brute Force
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-15 01:03:01
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:02:56.428551 2026] [security2:error] [pid 22838:tid 22838] [client 104.234.208.165:57107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greed.ee"] [uri "/.env"] [unique_id "ai9PQKTPKcwe88nDq-nBkAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-15 00:19:00
(2 weeks ago)
Scanning/Probing (38)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 21:12:13
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 17:12:06.373677 2026] [security2:error] [pid 22329:tid 22329] [client 104.234.208.165:52183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "casaconnell.com"] [uri "/.env"] [unique_id "ai8ZJjWw-dl7e8KvuzdLyAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 17:59:48
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 13:59:45.365525 2026] [security2:error] [pid 8101:tid 8101] [client 104.234.208.165:52981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "californiabrokers.net"] [uri "/.env"] [unique_id "ai7sEemBFJRVg2KM5_pDWAAAAFA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
joharikop
2026-06-14 15:44:52
(2 weeks ago)
Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-cred ...
show more
Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-credential-probes jail.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 14:47:05
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 10:47:00.476974 2026] [security2:error] [pid 28778:tid 28778] [client 104.234.208.165:45581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fresh-cut.us"] [uri "/.env"] [unique_id "ai6-5ApZcwX7z8eDf_jUPwAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 13:11:09
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 09:11:04.516175 2026] [security2:error] [pid 23342:tid 23369] [client 104.234.208.165:38533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "americanacademyofprojectmanagement.com"] [uri "/.env"] [unique_id "ai6oaDcV7n_z6w0SJrYPrgAAAVc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 12:09:58
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 08:09:50.516377 2026] [security2:error] [pid 9559:tid 9559] [client 104.234.208.165:20595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "modmove.com"] [uri "/.env"] [unique_id "ai6aDkXQdlDykNYvNykaiAAAAC8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 11:13:52
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 07:13:45.579289 2026] [security2:error] [pid 30519:tid 30519] [client 104.234.208.165:29923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "accredo.net"] [uri "/.env"] [unique_id "ai6M6e7-DggZ6wuVz3h_0gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ฌ
ipidentify
2026-06-14 09:16:11
(2 weeks ago)
2026-06-14T09:16:11Z GET /.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 08:11:55
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 04:11:49.507289 2026] [security2:error] [pid 3345:tid 3345] [client 104.234.208.165:59149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meganmurph.com"] [uri "/.env"] [unique_id "ai5iRb_vE8MQGLCwRBTRDAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-14 06:45:02
(2 weeks ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 05:17:44
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 01:17:39.614354 2026] [security2:error] [pid 7583:tid 7583] [client 104.234.208.165:57347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blanchebb.com"] [uri "/.env"] [unique_id "ai45c64SPAu56tc_Aj2YHwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack