๐บ๐ธ
TPI-Abuse
2026-06-21 22:00:41
(1 week ago)
(mod_security) mod_security (id:210580) triggered by 181.215.182.200 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210580) triggered by 181.215.182.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 18:00:34.518291 2026] [security2:error] [pid 16319:tid 16319] [client 181.215.182.200:54275] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:log_filename. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||girardonline.net|F|2"] [data "Matched Data: etc/passwd found within ARGS:log_filename: ../../../../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "girardonline.net"] [uri "/wp-admin/admin-ajax.php"] [unique_id "ajhfAoyA8lpBd6r6hG3xyQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2026-04-06 01:45:02
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ง๐ท
Peregrine
2026-03-26 20:58:20
(3 months ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 181.215.182.200 162.158.175.218 - - [20/Mar/2026:22:13:31 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 181.215.182.200 162.158.175.218 - - [20/Mar/2026:22:13:31 -0300] "GET /.env HTTP/1.1" 404 414
show less
Bad Web Bot
๐ง๐ท
Peregrine
2026-03-25 11:41:11
(3 months ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 181.215.182.200 162.158.175.218 - - [20/Mar/2026:22:13:31 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 181.215.182.200 162.158.175.218 - - [20/Mar/2026:22:13:31 -0300] "GET /.env HTTP/1.1" 404 414
show less
Bad Web Bot
๐ง๐ท
Peregrine
2026-03-24 11:19:45
(3 months ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 181.215.182.200 162.158.175.218 - - [20/Mar/2026:22:13:31 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 181.215.182.200 162.158.175.218 - - [20/Mar/2026:22:13:31 -0300] "GET /.env HTTP/1.1" 404 414
show less
Bad Web Bot
๐จ๐ญ
zynex
2026-03-21 03:54:19
(3 months ago)
URL Probing: /.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 03:49:20
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.200 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 23:49:14.027084 2026] [security2:error] [pid 11463:tid 11463] [client 181.215.182.200:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "site.kimbrothersusa.com"] [uri "/.env"] [unique_id "ab4VOkoOPdkHLAnXTIMVCQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
myagent.site
2026-03-21 03:33:22
(3 months ago)
Blocking for trying to access an exploit file: /.env
Hacking
๐ง๐ช
cmbplf
2026-03-21 03:28:46
(3 months ago)
5.038 requests with url.path *.env
Brute-Force
Bad Web Bot
๐ฉ๐ช
ger-stg-sifi1
2026-03-21 03:18:53
(3 months ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐จ๐ฆ
cubie
2026-03-21 03:02:20
(3 months ago)
Web Attack: Config File Probe - Reported by CubieCloud Firewall [CFW_H186-003]
Hacking
Web App Attack
๐ช๐ธ
librebit
2026-03-21 02:58:09
(3 months ago)
Brute force
Brute-Force
๐ฉ๐ช
big-cloud.nl
2026-03-21 02:09:09
(3 months ago)
Try to access /.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 01:56:59
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.200 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 21:56:55.162724 2026] [security2:error] [pid 31650:tid 31688] [client 181.215.182.200:20074] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tamarkummel.com"] [uri "/.env"] [unique_id "ab365-C80wPqD-WtJuNSngAAAIs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Swiptly
2026-03-21 01:41:51
(3 months ago)
Bot scanning for environment files .env .env/\*
...
Web App Attack