๐ณ๐ฑ
Site.eu
2026-06-30 22:16:16
(1 day ago)
Excessive multi-domain requests
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-30 21:08:22
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:08:16.449014 2026] [security2:error] [pid 19208:tid 19218] [client 223.247.211.68:53648] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barnettbusinessgroup.com"] [uri "/.env"] [unique_id "akQwQAuUjo69gthu0Y3moAAAAEI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Smish
2026-06-30 20:00:36
(1 day ago)
HONEYPOT HIT --> Fail2ban time=1782849635 log=2026-06-30T21:00:35+01:00 ip=223.247.211.68 host=grafa ...
show more
HONEYPOT HIT --> Fail2ban time=1782849635 log=2026-06-30T21:00:35+01:00 ip=223.247.211.68 host=grafana.as210667.net method=GET uri="/.env.swp" status=404 ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)" ref="-" rid=9c9bbb65eb400664abbac61d70051839
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 19:20:28
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 15:20:21.009534 2026] [security2:error] [pid 23882:tid 23882] [client 223.247.211.68:53733] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ferrarapanfitness.com"] [uri "/.env.dev"] [unique_id "akQW9dhLZ2N94KEZiUck_gAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 18:20:56
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 14:20:50.585425 2026] [security2:error] [pid 10308:tid 10308] [client 223.247.211.68:55417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cameronwv.com"] [uri "/.env.local"] [unique_id "akQJAtvf6MehRU253liGbQAAACk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
6kilowatti
2026-06-30 17:02:41
(1 day ago)
[30/Jun/2026:17:02:37 +0000] - 502 502 - GET https shell.6kw.fi "/.envrc" [Client 223.247.211.68] [L ...
show more
[30/Jun/2026:17:02:37 +0000] - 502 502 - GET https shell.6kw.fi "/.envrc" [Client 223.247.211.68] [Length 556] [Gzip -] [Sent-to 10.144.0.13] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)" "-"
[30/Jun/2026:17:02:39 +0000] - 502 502 - GET https shell.6kw.fi "/app/.env" [Client 223.247.211.68] [Length 556] [Gzip -] [Sent-to 10.144.0.13] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)" "-"
[30/Jun/2026:17:02:40 +0000] - 502 502 - GET https shell.6kw.fi "/src/.env" [Client 223.247.211.68] [Length 556] [Gzip -] [Sent-to 10.144.0.13] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)" "-"
[30/Jun/2026:17:02:41 +0000] - 502 502 - GET https shell.6kw.fi "/config/.env" [Client 223.247.211.68] [Length 556] [Gzip -] [Sent-to 10.144.0.13] "Mozilla/5.0 (Windows NT 10
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 16:39:28
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 12:39:22.230748 2026] [security2:error] [pid 20620:tid 20620] [client 223.247.211.68:54457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kporterdesign.com"] [uri "/.env"] [unique_id "akPxOugPbgP5Gwa9IRtGnAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 16:04:48
(1 day ago)
Aggressive web scan
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-30 15:35:03
(1 day ago)
223.247.211.68 - - [30/Jun/2026:18:35:02 +0300] "GET /public/.env HTTP/1.1" 404 4683 "-" "Mozilla/5. ...
show more
223.247.211.68 - - [30/Jun/2026:18:35:02 +0300] "GET /public/.env HTTP/1.1" 404 4683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
223.247.211.68 - - [30/Jun/2026:18:35:03 +0300] "GET /private/.env HTTP/1.1" 404 730 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 11:48:50
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 07:48:46.644932 2026] [security2:error] [pid 13678:tid 13678] [client 223.247.211.68:47463] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||puckerbuttbikini.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "puckerbuttbikini.com"] [uri "/root/.config/gcloud/credentials.db"] [unique_id "akOtHiZ-Pcu4nQW0ITWpjgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-30 11:35:25
(1 day ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 10:55:35
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 223.247.211.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 06:55:32.887702 2026] [security2:error] [pid 5347:tid 5347] [client 223.247.211.68:54584] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.berklie.com"] [uri "/api/.env"] [unique_id "akOgpACiTFvcXKrWTJuywAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-06-30 09:13:34
(1 day ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
Lee Daniel
2026-06-30 07:38:39
(1 day ago)
223.247.211.68 - - [30/Jun/2026:03:38:38 -0400] "GET /.env HTTP/1.1" 403 4786 "-" "Mozilla/5.0 (Wind ...
show more
223.247.211.68 - - [30/Jun/2026:03:38:38 -0400] "GET /.env HTTP/1.1" 403 4786 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 07:31:03
(1 day ago)
Bot / scanning and/or hacking attempts: GET /env.json HTTP/1.1, GET /env.js HTTP/1.1, GET /.envrc HT ...
show more
Bot / scanning and/or hacking attempts: GET /env.json HTTP/1.1, GET /env.js HTTP/1.1, GET /.envrc HTTP/1.1, GET /env HTTP/1.1, GET /.flaskenv HTTP/1.1
show less
Hacking
Web App Attack