๐บ๐ธ
CounterScrape
2026-07-02 00:03:48
(3 hours ago)
CounterScrape Deception: Bot identified as EXPLOIT_SCANNER (Vulnerability / Exploit Scanning). Trapp ...
show more
CounterScrape Deception: Bot identified as EXPLOIT_SCANNER (Vulnerability / Exploit Scanning). Trapped in honeypot. Concurrency hits: 2. Bandwidth drained: 0.0 MB.
show less
Bad Web Bot
Port Scan
๐บ๐ธ
CounterScrape
2026-07-01 00:02:44
(1 day ago)
CounterScrape Deception: Bot identified as EXPLOIT_SCANNER (Vulnerability / Exploit Scanning). Trapp ...
show more
CounterScrape Deception: Bot identified as EXPLOIT_SCANNER (Vulnerability / Exploit Scanning). Trapped in honeypot. Concurrency hits: 2. Bandwidth drained: 0.0 MB.
show less
Bad Web Bot
Port Scan
๐ณ๐ฑ
wlt-blocker
2026-06-30 23:31:38
(1 day ago)
Unauthorized access to webpage admin
Web App Attack
๐ฆ๐บ
rubixstudios
2026-06-30 23:27:02
(1 day ago)
Excessive HTTP requests consistent with automated attack behaviour detected by Imunify360
DDoS Attack
Brute-Force
Web App Attack
๐ธ๐ฌ
securejdprop
2026-06-30 23:19:57
(1 day ago)
This IP was detected by CrowdSec triggering crowdsecurity/vpatch-env-access. WAF block: crowdsecurit ...
show more
This IP was detected by CrowdSec triggering crowdsecurity/vpatch-env-access. WAF block: crowdsecurity/vpatch-env-access from 223.240.118.223 (172.20.0.4)
show less
Hacking
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-30 22:36:12
(1 day ago)
Excessive multi-domain requests
Brute-Force
Anonymous
2026-06-30 22:26:10
(1 day ago)
(caddyscan) Scanner path probe from 223.240.118.223 (CN/China/-): 5 in the last 3600 secs; Ports: *; ...
show more
(caddyscan) Scanner path probe from 223.240.118.223 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 223.240.118.223 - - [30/Jun/2026:22:25:50 +0000] "GET /private/.env HTTP/1.1"
[REDACTED] 200 2627 223.240.118.223 - - [30/Jun/2026:22:25:50 +0000] "GET /var/.env HTTP/1.1"
[REDACTED] 200 2627 223.240.118.223 - - [30/Jun/2026:22:26:07 +0000] "GET /wp-config.php.bak HTTP/1.1"
[REDACTED] 200 2627 223.240.118.223 - - [30/Jun/2026:22:26:07 +0000] "GET /wp-config.php.old HTTP/1.1"
[REDACTED] 200 2627 223.240.118.223 - - [30/Jun/2026:22:26:08 +0000] "GET /wp-config.php.save HTTP/1.1"
show less
Port Scan
Anonymous
2026-06-30 21:30:10
(1 day ago)
Aggressive web scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 21:25:08
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.240.118.223 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 223.240.118.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:24:58.249500 2026] [security2:error] [pid 19541:tid 19541] [client 223.240.118.223:37710] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abraxasstudio.com"] [uri "/.env.test"] [unique_id "akQ0Koq7fgBv6Pf-_wiEwgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 20:22:26
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.240.118.223 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 223.240.118.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 16:22:18.192915 2026] [security2:error] [pid 11611:tid 11611] [client 223.240.118.223:59055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "treadbox.net"] [uri "/.env"] [unique_id "akQlevCtMGRtEBNGHx_MzwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Roper123
2026-06-30 19:25:24
(1 day ago)
Web exploits
Web App Attack
Anonymous
2026-06-30 19:15:05
(1 day ago)
Bot / scanning and/or hacking attempts: GET /env HTTP/1.1, GET /env.json HTTP/1.1, GET /.env.product ...
show more
Bot / scanning and/or hacking attempts: GET /env HTTP/1.1, GET /env.json HTTP/1.1, GET /.env.production.local HTTP/1.1, GET /env.js HTTP/1.1
show less
Hacking
Web App Attack
Anonymous
2026-06-30 19:14:04
(1 day ago)
http scanning for .env files
...
Hacking
Web App Attack
๐ฉ๐ช
Viveronese
2026-06-30 19:06:06
(1 day ago)
HTTP vulnerability scanning
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 16:51:47
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.240.118.223 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 223.240.118.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 12:51:44.692529 2026] [security2:error] [pid 14304:tid 14304] [client 223.240.118.223:45593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.indie100.com"] [uri "/.env.prod"] [unique_id "akP0IF8Bm9zgY3x6YZgUWQAAAGg"]
show less
Brute-Force
Bad Web Bot
Web App Attack