π¦πΉ
RenΓ© Hickersberger
2026-07-06 13:26:03
(19 hours ago)
malicious bot detected: violations="hit-honeypot"; user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; ...
show more
malicious bot detected: violations="hit-honeypot"; user_agent="Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0"
show less
Web App Attack
π©πͺ
Gwyneth Llewelyn
2026-07-06 09:46:32
(23 hours ago)
2026/07/06 10:46:30 [error] 2215#2215: *852816 access forbidden by rule, client: 162.141.167.36, ser ...
show more
2026/07/06 10:46:30 [error] 2215#2215: *852816 access forbidden by rule, client: 162.141.167.36, server: [redacted], request: "GET /backend/.env HTTP/1.1", host: "[redacted]"
2026/07/06 10:46:30 [error] 2215#2215: *852808 access forbidden by rule, client: 162.141.167.36, server: [redacted], request: "GET /.env HTTP/1.1", host: "[redacted]"
162.141.167.36 - - [06/Jul/2026:10:46:30 +0100] "GET /.env HTTP/1.1" 403 1057 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109"
show less
Brute-Force
Web App Attack
π¬π§
sc user
2026-07-05 20:35:12
(1 day ago)
Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ...
show more
Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy.
show less
Bad Web Bot
Web App Attack
Port Scan
πΊπΈ
TPI-Abuse
2026-07-05 20:11:50
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 162.141.167.36 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.141.167.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 16:11:45.578562 2026] [security2:error] [pid 32102:tid 32102] [client 162.141.167.36:36328] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madisonmedia.ai"] [uri "/.git/config"] [unique_id "akq6gddkhfY10SEBtO9_WgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 18:44:48
(1 day ago)
162.141.167.36 - - [05/Jul/2026:20:44:47 +0200] "GET /.git/HEAD HTTP/1.1" 404 444 "-" "Mozilla/5.0 ( ...
show more
162.141.167.36 - - [05/Jul/2026:20:44:47 +0200] "GET /.git/HEAD HTTP/1.1" 404 444 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
162.141.167.36 - - [05/Jul/2026:20:44:47 +0200] "GET /.git/HEAD HTTP/1.1" 404 249 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
162.141.167.36 - - [05/Jul/2026:20:44:48 +0200] "GET /.git/config HTTP/1.1" 404 444 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109"
162.141.167.36 - - [05/Jul/2026:20:44:48 +0200] "GET /.git/config HTTP/1.1" 404 249 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109"
162.141.167.36 - - [05/Jul/2026:20:44:48 +0200] "GET /.env.local HTTP/1.1" 404 444 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/
...
show less
Bad Web Bot
Web App Attack
π«π·
YF
2026-07-05 18:27:48
(1 day ago)
Environment file probe
Web App Attack
πΊπΈ
ambor
2026-07-05 13:30:31
(1 day ago)
L0ss Honeypot: Git HEAD file access attempt. Path: /.git/HEAD
Web App Attack
π©πͺ
neckaralb-admin.de
2026-07-05 12:23:29
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-05 11:02:30
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 162.141.167.36 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.141.167.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 07:02:24.143687 2026] [security2:error] [pid 19402:tid 19402] [client 162.141.167.36:60368] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "localonlinevisibility.com.needtoorder.us"] [uri "/.git/HEAD"] [unique_id "ako5wPyzzDQ8sNBkWYEMaQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
itsolon
2026-07-05 11:02:05
(1 day ago)
[05/Jul/2026:13:02:04 +0200] 178324932437.485563 162.141.167.36 49184 217.154.7.177 443
[05/Jul/2026 ...
show more
[05/Jul/2026:13:02:04 +0200] 178324932437.485563 162.141.167.36 49184 217.154.7.177 443
[05/Jul/2026:13:02:04 +0200] 178324932422.082708 162.141.167.36 49144 217.154.7.177 443
[05/Jul/2026:13:02:04 +0200] 178324932487.197977 162.141.167.36 49158 217.154.7.177 443
[05/Jul/2026:13:02:04 +0200] 178324932454.012779 162.141.167.36 49116 217.154.7.177 443
[05/Jul/2026:13:02:04 +0200] 178324932475.018605 162.141.167.36 49102 217.154.7.177 443
...
show less
Port Scan
Hacking
Brute-Force
Web App Attack
π©πͺ
ger-stg-sifi1
2026-07-05 10:52:52
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
π·πΊ
DZBOT
2026-07-05 10:43:12
(1 day ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-05 10:35:50
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 162.141.167.36 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.141.167.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 06:35:44.237770 2026] [security2:error] [pid 10948:tid 10948] [client 162.141.167.36:60538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kotelbarmitzvah.com"] [uri "/.env"] [unique_id "akozgMyo9Y32v5FqK4UgowAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
Matthew Ping
2026-07-05 07:45:01
(2 days ago)
ModSecurity rule 949110 triggered on dedicated. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
Anonymous
2026-07-05 07:40:42
(2 days ago)
GET env | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrom ...
show more
GET env | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109 | Time: 2026-07-05 07:40:41 UTC
show less
Web App Attack