๐ง๐ช
boxed-it
2026-06-19 22:25:27
(1 week ago)
GET /.env/.env.bak (Tarpitted for 1d15h8m28s, wasted 8.06MB)
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-18 22:03:03
(1 week ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-17.
show less
Web App Attack
SSH
Hacking
Anonymous
2026-06-18 18:30:34
(1 week ago)
(mod_security) mod_security triggered on hostname [redacted] 2001:448a:a071:147e:9c2d:c39f:698f:67d2 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (Unknown)
show less
SQL Injection
๐ซ๐ท
Baking333
2026-06-18 18:27:27
(1 week ago)
[redacted] 2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:19:27:22 +0100] "GET /[redacted] ...
show more
[redacted] 2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:19:27:22 +0100] "GET /[redacted] HTTP/1.1" 302 5288 0/53928 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" [redacted] 2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:19:27:25 +0100] "GET /_profiler/phpinfo HTTP/1.1" 302 5288 0/102310 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 17:02:03
(1 week ago)
(mod_security) mod_security (id:949110) triggered by 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (Unknow ...
show more
(mod_security) mod_security (id:949110) triggered by 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 13:01:56.355742 2026] [security2:error] [pid 6325:tid 6325] [client 2001:448a:a071:147e:9c2d:c39f:698f:67d2:56202] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "alliancegroupga.com"] [uri "/.env/.env.bak"] [unique_id "ajQkhOLjPLyG_678r1pCZgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-06-18 14:43:56
(1 week ago)
[redacted] 2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:15:43:46 +0100] "GET /[redacted] ...
show more
[redacted] 2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:15:43:46 +0100] "GET /[redacted] HTTP/1.1" 302 5263 0/109607 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" [redacted] 2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:15:43:54 +0100] "GET /_profiler/phpinfo HTTP/1.1" 302 5263 0/146491 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 11:48:10
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (Unknow ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 07:48:05.107145 2026] [security2:error] [pid 19965:tid 19965] [client 2001:448a:a071:147e:9c2d:c39f:698f:67d2:52224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "al-ketab.net"] [uri "/.env/.env.bak"] [unique_id "ajPa9eW8hk0TX1U6131_uQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-06-18 09:02:18
(1 week ago)
[redacted] 2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:10:02:15 +0100] "GET /[redacted] ...
show more
[redacted] 2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:10:02:15 +0100] "GET /[redacted] HTTP/2.0" 301 295 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" [redacted] 2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:10:02:16 +0100] "GET /fr/[redacted]/ HTTP/2.0" 404 26744 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
show less
Bad Web Bot
Web App Attack
Anonymous
2026-06-18 07:21:28
(1 week ago)
2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:07:21:28 +0000] "GET /_profiler/phpinfo HTT ...
show more
2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:07:21:28 +0000] "GET /_profiler/phpinfo HTTP/1.1" 404 437 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
...
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
maxpower
2026-06-18 03:55:41
(1 week ago)
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2001:448a:a071:147e:9c2d:c39f:698f:67d2 ...
show more
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (ID/Indonesia/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:05:55:38 +0200] "GET /.aws/credentials HTTP/1.1" 301 287 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" "-" host=accademiam.com
2001:448a:a071:147e:9c2d:c39f:698f:67d2 - - [18/Jun/2026:05:55:39 +0200] "GET /.aws/credentials HTTP/1.1" 404 132626 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" "-" host=accademiam.com
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-18 00:43:59
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (Unknow ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 20:43:56.358976 2026] [security2:error] [pid 32043:tid 32043] [client 2001:448a:a071:147e:9c2d:c39f:698f:67d2:65154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abeltours.com"] [uri "/.env/.env.bak"] [unique_id "ajM_TJlQ8OXMWZAIxLbYgwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-17 20:43:35
(1 week ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
Anonymous
2026-06-17 20:10:06
(1 week ago)
| Suspicious URL access.
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-17 18:12:13
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (Unknow ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 14:12:06.257997 2026] [security2:error] [pid 10286:tid 10286] [client 2001:448a:a071:147e:9c2d:c39f:698f:67d2:54306] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "animecelgallery.com"] [uri "/.env/.env.bak"] [unique_id "ajLjdkyP0QOBbJ4-c5mBlwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 16:40:42
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (Unknow ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:448a:a071:147e:9c2d:c39f:698f:67d2 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 12:40:36.871071 2026] [security2:error] [pid 12876:tid 12876] [client 2001:448a:a071:147e:9c2d:c39f:698f:67d2:65169] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "andrsn.com"] [uri "/.env/.env.bak"] [unique_id "ajLOBF_TkNMsbJBo3X2nFAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack