๐ฌ๐ง
thetomtaylor.co.uk
2026-04-25 21:05:03
(2 months ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01,wa02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-25 20:33:22
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 16:33:17.595894 2026] [security2:error] [pid 21376:tid 21376] [client 181.215.182.23:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cloudex.click"] [uri "/.env"] [unique_id "ae0lDasXgW5IJwOSeGarQwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
nzhost.co.nz
2026-04-25 19:57:15
(2 months ago)
$f2bV_matches
Hacking
Brute-Force
๐บ๐ธ
SLSLLC
2026-04-25 19:46:46
(2 months ago)
181.215.182.23 - - [25/Apr/2026:19:46:44 +0000] "GET /.env HTTP/2.0" 403 1927 "-" "Mozilla/5.0 (Maci ...
show more
181.215.182.23 - - [25/Apr/2026:19:46:44 +0000] "GET /.env HTTP/2.0" 403 1927 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-25 19:34:34
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 15:34:30.540451 2026] [security2:error] [pid 10030:tid 10030] [client 181.215.182.23:19507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onevoicefoundationlb.org"] [uri "/.env"] [unique_id "ae0XRviXANNb-IvCQthhFAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
dtorrer
2026-04-25 19:13:16
(2 months ago)
General vulnerability scan.
Port Scan
๐ฌ๐ง
Aetherweb Ark
2026-04-25 19:10:55
(2 months ago)
(mod_security) mod_security (id:949110) triggered by 181.215.182.23 (US/United States/-): N in the l ...
show more
(mod_security) mod_security (id:949110) triggered by 181.215.182.23 (US/United States/-): N in the last X secs
show less
Web App Attack
๐บ๐ธ
rafled
2026-04-25 19:01:37
(2 months ago)
attempt to scan and scrape for env files and or files that expose the web app version
Bad Web Bot
๐ซ๐ท
Baking333
2026-04-25 18:46:42
(2 months ago)
[redacted] 181.215.182.23 - - [25/Apr/2026:19:40:31 +0100] "GET /.env HTTP/1.1" 302 5278 0/502626 "- ...
show more
[redacted] 181.215.182.23 - - [25/Apr/2026:19:40:31 +0100] "GET /.env HTTP/1.1" 302 5278 0/502626 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" [redacted] 181.215.182.23 - - [25/Apr/2026:19:46:41 +0100] "GET /.env HTTP/1.1" 302 5273 0/104304 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-04-25 18:28:05
(2 months ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฑ๐ป
garmtech.com
2026-04-25 18:19:16
(2 months ago)
IM360 WAF: Laravel .env file access
Web App Attack
๐บ๐ธ
interbiznw.com
2026-04-25 18:13:33
(2 months ago)
malicious-web-requests-vulnerability-scanning-web1
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ฉ๐ช
dklueh79
2026-04-25 18:11:18
(2 months ago)
Probe for vulnerabilities. Path attempted: /.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-25 18:00:43
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.23 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 14:00:37.944310 2026] [security2:error] [pid 3739:tid 3739] [client 181.215.182.23:7381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tek-front.com"] [uri "/.env"] [unique_id "ae0BRYFjbX5jNhj617QVOwAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-02-11 02:40:08
(4 months ago)
Unauthorized connection attempt detected in the last 24 hours
Hacking