๐ณ๐ฑ
DonAtari
2026-07-09 15:51:50
(1 day ago)
DShield firewall scan - TCP to port 8080
Brute-Force
SSH
๐ธ๐ช
shab
2026-06-19 21:08:01
(3 weeks ago)
Repeated VPN Brute Force
Brute-Force
๐ฌ๐ง
thetomtaylor.co.uk
2026-06-12 14:06:02
(4 weeks ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01]
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-12 13:39:25
(4 weeks ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 13:11:20
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 09:11:15.927383 2026] [security2:error] [pid 10580:tid 10580] [client 104.234.208.248:25949] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "impressionsinthread.com"] [uri "/.env"] [unique_id "aiwFc5zR89YefuJMHC4HaAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-06-12 13:08:01
(4 weeks ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice02,mx01,mx02,mx03,wa ...
show more
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice02,mx01,mx02,mx03,wa02]
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 12:43:44
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 08:43:36.758795 2026] [security2:error] [pid 7696:tid 7718] [client 104.234.208.248:50669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "certifiedprojectmanager.us"] [uri "/.env"] [unique_id "aiv--ADt7kkvR2zL4hrk8QAAARQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 11:18:20
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 07:18:13.820269 2026] [security2:error] [pid 5395:tid 5395] [client 104.234.208.248:52271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "armstrongpartnersllc.com"] [uri "/.env"] [unique_id "aivq9UKXGkfUs6rS07gGkwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 10:30:36
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 06:30:29.000416 2026] [security2:error] [pid 7882:tid 7882] [client 104.234.208.248:60785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "juncurryahn.com"] [uri "/.env"] [unique_id "aivfxHojGnQll0S6ekkJNwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-06-12 10:05:03
(4 weeks ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-11 19:51:35
(4 weeks ago)
Try to access /.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 19:25:04
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 15:24:59.323848 2026] [security2:error] [pid 2568:tid 2568] [client 104.234.208.248:31657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koshland.org"] [uri "/.env"] [unique_id "aisLi7m5BCwGAa6SvSLPngAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 17:29:03
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 13:28:56.560118 2026] [security2:error] [pid 3045:tid 3045] [client 104.234.208.248:62745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "butterflybuilders.net"] [uri "/.env"] [unique_id "airwWP8p7MpOW7rGO8OhDQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-11 17:05:49
(4 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 15:24:44
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.234.208.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 11:24:38.688791 2026] [security2:error] [pid 24406:tid 24510] [client 104.234.208.248:44429] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dailysavershbg.com"] [uri "/.env"] [unique_id "airTNgZwmX_GnsiR_GR85AAAAQU"]
show less
Brute-Force
Bad Web Bot
Web App Attack