๐ง๐ช
boxed-it
2026-06-26 10:59:54
(1 week ago)
GET /config/.env (Tarpitted for 1d15h8m29s, wasted 8.06MB)
Web App Attack
๐ง๐ช
sid3windr
2026-06-25 11:43:50
(1 week ago)
GET /config/.env (Tarpitted for 1d12h17m52s, wasted 7.48MB)
Web App Attack
๐ง๐ช
boxed-it
2026-06-24 20:26:52
(1 week ago)
GET /config/secrets.json (Tarpitted for 15m4s, wasted 53.09kB)
Web App Attack
๐ง๐ช
boxed-it
2026-06-24 12:42:58
(1 week ago)
GET /config/.env (Tarpitted for 1d15h8m29s, wasted 8.06MB)
Web App Attack
๐ฌ๐ง
Hobby Bob
2026-06-23 08:01:24
(1 week ago)
Jun 23 09:01:24 mail postfix/submission/smtpd[1042697]: warning: unknown[193.29.139.217]: SASL PLAIN ...
show more
Jun 23 09:01:24 mail postfix/submission/smtpd[1042697]: warning: unknown[193.29.139.217]: SASL PLAIN authentication failed:
show less
Hacking
Brute-Force
๐ง๐ช
sid3windr
2026-06-23 07:24:25
(1 week ago)
GET /config/secrets.json (Tarpitted for , wasted 120B)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 16:39:28
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 193.29.139.217 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 193.29.139.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 12:39:22.050621 2026] [security2:error] [pid 11676:tid 11676] [client 193.29.139.217:64658] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.construction.bonefrog.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.construction.bonefrog.com"] [uri "/telegram_private.db"] [unique_id "ajVwukQ6kVMOrhRtW1MWkgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
librebit
2026-06-19 14:00:44
(2 weeks ago)
Brute force
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-19 05:19:51
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 193.29.139.217 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 193.29.139.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 01:19:46.923311 2026] [security2:error] [pid 17733:tid 17733] [client 193.29.139.217:45634] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||garyandthegroove.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "garyandthegroove.com"] [uri "/telegram_messages.db"] [unique_id "ajTRcg5XkXRd4fLwdauTcgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-19 05:16:11
(2 weeks ago)
Automated report (2026-06-19T01:16:11-04:00). Caught probing for env file.
Hacking
Web App Attack
๐ซ๐ท
Duggy_Tuxy๐งฑ
2026-06-18 06:05:03
(2 weeks ago)
[HP02-SRV02-FR] Blocked by SysWarden Firewall (Port Scan / Probing)
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-16 23:05:59
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 193.29.139.217 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 193.29.139.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:05:52.995020 2026] [security2:error] [pid 11671:tid 11671] [client 193.29.139.217:32520] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.qxoticdivas.postermodelsworldwideinc.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.qxoticdivas.postermodelsworldwideinc.com"] [uri "/telegram_private.db"] [unique_id "ajHW0IdE6dWGCpLBaz4wDQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 17:42:35
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 193.29.139.217 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.29.139.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:42:30.059133 2026] [security2:error] [pid 5367:tid 5388] [client 193.29.139.217:24668] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "richardleeweatherman.com"] [uri "/.env.swp"] [unique_id "ajA5hoCzobCS6E1k2bYAZQAAAUA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 16:21:36
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 193.29.139.217 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.29.139.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:21:28.668279 2026] [security2:error] [pid 16599:tid 16599] [client 193.29.139.217:22758] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ilandman.com"] [uri "/.env.gemini.gpg"] [unique_id "ajAmiKUzx5xNnKpmfbbSSgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐ณ
Public CSIRT/CC of Mongolia
2026-06-15 15:35:44
(2 weeks ago)
Honeypot hit: Incoming HTTP traffic on port 81
Web App Attack
Bad Web Bot