๐ฉ๐ช
LRob
2026-07-02 07:46:51
(18 hours ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-02 07:39:36
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.109 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:39:29.022099 2026] [security2:error] [pid 10028:tid 10028] [client 181.215.182.109:17792] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "radtraininginc.com"] [uri "/.env"] [unique_id "akYVsRzcYZ1O5mrhRxxkQAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ArturShelby
2026-07-02 07:35:24
(18 hours ago)
Critical file access: /.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 07:09:47
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.109 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:09:42.386458 2026] [security2:error] [pid 4235:tid 4235] [client 181.215.182.109:54127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edgecomix.com"] [uri "/.env"] [unique_id "akYOtqekGzjXu_rJAUZ-IgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 07:05:43
(19 hours ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=8
Hacking
Anonymous
2026-07-02 07:05:01
(19 hours ago)
suspicious request in access.log
Web App Attack
๐ซ๐ท
dynamix
2026-07-02 06:59:28
(19 hours ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
Epimetheus
2026-07-02 06:48:36
(19 hours ago)
Unauthorized access attempts:
[GET] /.env
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77. ...
show more
Unauthorized access attempts:
[GET] /.env
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
show less
Web App Attack
๐บ๐ธ
RH5
2026-07-02 06:43:56
(19 hours ago)
Restricted URL probing (/.env) (UTC 2026-07-02 06:43)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 06:43:34
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.109 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 02:43:28.027835 2026] [security2:error] [pid 23622:tid 23622] [client 181.215.182.109:28812] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "floridausa.com"] [uri "/8news/.env"] [unique_id "akYIkCbkk9S9iMuAGD019wAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
pipeline.es
2026-07-02 06:42:02
(19 hours ago)
Web scanning / probing for vulnerable paths | URL: /.env | Evidence: altovolta.es 181.215.182.109 - ...
show more
Web scanning / probing for vulnerable paths | URL: /.env | Evidence: altovolta.es 181.215.182.109 - - [02/Jul/2026:08:41:28 +0200] \"GET /.env HTTP/1.1\" 404 202 \"-\" \"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0\" GEOIP_COUNTRY_CODE=US | ASN: COGENT-174 | Country: US
show less
Port Scan
Web App Attack
Anonymous
2026-07-02 06:17:46
(19 hours ago)
(mod_security) mod_security triggered on hostname [redacted] 181.215.182.109 (US/United States/-)
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-02 06:15:07
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.109 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 02:15:01.753541 2026] [security2:error] [pid 22096:tid 22096] [client 181.215.182.109:61040] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mecme.co"] [uri "/.env"] [unique_id "akYB5YLzRC-u-7YbRlDw0QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 05:54:08
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.109 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 01:54:04.091256 2026] [security2:error] [pid 6166:tid 6166] [client 181.215.182.109:39895] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rocketfuelpartners.com"] [uri "/.env"] [unique_id "akX8_Cc2J660JHfubE-gBQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 05:53:03
(20 hours ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, GET / HTTP/1.1
Hacking
Web App Attack