๐ซ๐ท
Baking333
2026-07-08 07:07:55
(1 week ago)
[redacted] 185.215.151.233 - - [08/Jul/2026:08:06:03 +0100] "GET /.env HTTP/1.1" 302 6743 0/64308 "- ...
show more
[redacted] 185.215.151.233 - - [08/Jul/2026:08:06:03 +0100] "GET /.env HTTP/1.1" 302 6743 0/64308 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" [redacted] 185.215.151.233 - - [08/Jul/2026:08:07:52 +0100] "GET /.env HTTP/1.1" 302 6753 0/90071 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50"
show less
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-08 03:48:52
(1 week ago)
109 requests with url.path /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-08 03:29:13
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 185.215.151.233 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.215.151.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 23:29:09.132526 2026] [security2:error] [pid 27029:tid 27029] [client 185.215.151.233:57551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bayareahiphopforever.org"] [uri "/.env"] [unique_id "ak3EBUv1753cqd3cRz_5YgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-07-08 01:39:57
(1 week ago)
[redacted] 185.215.151.233 - - [08/Jul/2026:01:43:05 +0100] "GET /.env HTTP/1.1" 302 6773 0/43620 "- ...
show more
[redacted] 185.215.151.233 - - [08/Jul/2026:01:43:05 +0100] "GET /.env HTTP/1.1" 302 6773 0/43620 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" [redacted] 185.215.151.233 - - [08/Jul/2026:02:39:55 +0100] "GET /.env HTTP/1.1" 302 6773 0/51610 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 01:38:45
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 185.215.151.233 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.215.151.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 21:38:40.191964 2026] [security2:error] [pid 2586:tid 2610] [client 185.215.151.233:55439] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chilltech.info"] [uri "/.env"] [unique_id "ak2qIK6fvM1blI1Gof4e8QAAANY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 22:47:45
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 185.215.151.233 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.215.151.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 18:47:38.447439 2026] [security2:error] [pid 23644:tid 23644] [client 185.215.151.233:57332] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "appalachianfolkmagician.com"] [uri "/.env"] [unique_id "ak2CCnRG2NNQE6nmU6GAywAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-07 21:59:40
(1 week ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-06.
show less
Web App Attack
SSH
Hacking
๐ซ๐ท
Baking333
2026-07-07 21:10:35
(1 week ago)
[redacted] 185.215.151.233 - - [07/Jul/2026:21:21:51 +0100] "GET /.env HTTP/1.1" 302 6783 0/166523 " ...
show more
[redacted] 185.215.151.233 - - [07/Jul/2026:21:21:51 +0100] "GET /.env HTTP/1.1" 302 6783 0/166523 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" [redacted] 185.215.151.233 - - [07/Jul/2026:22:10:34 +0100] "GET /.env HTTP/1.1" 302 6783 0/76819 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
show less
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 21:01:48
(1 week ago)
185.215.151.233 - - [07/Jul/2026:21:01:47 +0000] "GET /.env HTTP/1.1" 404 7339 "-" "Mozilla/5.0 (Mac ...
show more
185.215.151.233 - - [07/Jul/2026:21:01:47 +0000] "GET /.env HTTP/1.1" 404 7339 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 20:45:38
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 185.215.151.233 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.215.151.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 16:45:32.432618 2026] [security2:error] [pid 21113:tid 21113] [client 185.215.151.233:56979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "agrizel.com"] [uri "/.env"] [unique_id "ak1lbE0U-282gH__WJ_f_wAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐น
Subnet Phantom Veil
2026-07-07 13:27:07
(1 week ago)
[CRITICAL][Security Alert] Targeted exploit scanning against Textbook Vulnerabilities. Bot hunting f ...
show more
[CRITICAL][Security Alert] Targeted exploit scanning against Textbook Vulnerabilities. Bot hunting for PHP backdoors. [Method]: => GET. [Request]: => /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php. Access revoked. [User-Agent]: python-requests/2.25.1. [OS]: Unknown. [IP Address]: 185.215.151.233. [Date]: 2026-07-07 14:21:17 UTC.
show less
Bad Web Bot
Hacking
Port Scan
Web App Attack
๐ต๐น
Subnet Shadow Specter
2026-07-07 12:53:23
(1 week ago)
[Activity Alert] Abusive automated scraping detected in violation of crawl depth limits. IP automati ...
show more
[Activity Alert] Abusive automated scraping detected in violation of crawl depth limits. IP automatically blocked and banned. [User-Agent]: python-requests/2.25.1. [OS]: Unknown. [IP Address]: 185.215.151.233. [Date]: 2026-07-07 13:34:16 UTC.
show less
Bad Web Bot
Hacking
Port Scan
Web App Attack
๐ซ๐ท
Baking333
2026-07-07 12:39:18
(1 week ago)
[redacted] 185.215.151.233 - - [07/Jul/2026:13:32:11 +0100] "GET /.env HTTP/1.1" 302 6768 0/106790 " ...
show more
[redacted] 185.215.151.233 - - [07/Jul/2026:13:32:11 +0100] "GET /.env HTTP/1.1" 302 6768 0/106790 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_8; en-us) AppleWebKit/534.50 (KHTML, like Gecko) Version/5.1 Safari/534.50" [redacted] 185.215.151.233 - - [07/Jul/2026:13:39:17 +0100] "GET /.env HTTP/1.1" 302 6768 0/46893 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 12:21:03
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 185.215.151.233 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.215.151.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 08:20:57.555083 2026] [security2:error] [pid 21441:tid 21441] [client 185.215.151.233:58757] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thebradleyclinic.com"] [uri "/.env"] [unique_id "akzvKbHwym3gcxy7a6_OOQAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-06 22:00:02
(1 week ago)
Auto-ban: >3000 req/min op 2026-07-06
Web App Attack
SSH
Hacking