๐จ๐ฟ
rawnullbyte
2026-07-18 18:57:38
(2 hours ago)
๐จ Honeypot triggered! ๐ฅ๏ธ System: NPot ๐ฏ Target: ROBOTS_TXT_PROBE ๐ฃ๏ธ Path: /robots.txt ๐ค Attacker IP: ...
show more
๐จ Honeypot triggered! ๐ฅ๏ธ System: NPot ๐ฏ Target: ROBOTS_TXT_PROBE ๐ฃ๏ธ Path: /robots.txt ๐ค Attacker IP: 172.68.244.176 โฐ Time: 2026-07-18 18:57:37 ๐ก User-Agent: facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)
show less
Web App Attack
๐ท๐บ
DZBOT
2026-05-15 02:10:47
(2 months ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-14 22:06:18
(2 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-13.
show less
Web App Attack
SSH
Hacking
Anonymous
2026-04-30 11:21:46
(2 months ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐ฆ๐บ
oncord
2026-04-20 07:16:34
(2 months ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2026-04-07 04:21:26
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 00:21:19.619717 2026] [security2:error] [pid 436651:tid 436747] [client 172.68.244.176:11643] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.indigowampum.com"] [uri "/.env.dev"] [unique_id "adSGPzB8sfXokoSKgQnqygAAAQk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 15:51:27
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 11:51:22.823253 2026] [security2:error] [pid 21392:tid 21392] [client 172.68.244.176:13106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boudousquieart.armadillosigns.com"] [uri "/.env.container"] [unique_id "adKE-go1lr7RBr5he65sXwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-04 12:20:32
(3 months ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 09:45:38
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 05:45:33.445380 2026] [security2:error] [pid 1232:tid 1299] [client 172.68.244.176:11736] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madring.live.venezuelaguia.com"] [uri "/.env2"] [unique_id "adDdvW3Y0TE8Ied9dnsdQQAAAEI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 07:38:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 03:37:55.394362 2026] [security2:error] [pid 11510:tid 11510] [client 172.68.244.176:13125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fatjesus.com"] [uri "/app/.env"] [unique_id "adC_0zki1SxbhbsVqWV7SQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 12:35:04
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 08:34:46.406326 2026] [security2:error] [pid 5976:tid 5976] [client 172.68.244.176:12931] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.uraniumjewelry.com"] [uri "/.env.development.local"] [unique_id "ac-z5o8tjeWCZ9N0MYG4fwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 11:32:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 07:32:26.169270 2026] [security2:error] [pid 7481:tid 7481] [client 172.68.244.176:9659] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.arcbridge.com"] [uri "/.env.production.local"] [unique_id "ac-lSu3VPQA3SMDAMiVDmQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 09:01:15
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 05:01:05.901596 2026] [security2:error] [pid 9666:tid 9666] [client 172.68.244.176:9316] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.bernabeu.org"] [uri "/.env.dev"] [unique_id "ac-B0cFOAc3LBJs5NzHpZAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 20:05:19
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 16:05:11.932065 2026] [security2:error] [pid 13598:tid 13598] [client 172.68.244.176:11949] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.catking.net"] [uri "/backend/.env"] [unique_id "ac7L94oZdFUbKBbyF5IRTwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 11:01:47
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.244.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 07:01:33.412707 2026] [security2:error] [pid 4756:tid 4756] [client 172.68.244.176:10978] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hal.digital"] [uri "/config/.env"] [unique_id "acz7Dc0CGccHdsuQUGKqWAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack