๐ซ๐ฎ
mickp
2026-06-15 15:30:47
(2 weeks ago)
34.143.215.62 - - [15/Jun/2026:15:30:46 +0000] "GET /api/application.properties HTTP/1.1" 429 72 "-" ...
show more
34.143.215.62 - - [15/Jun/2026:15:30:46 +0000] "GET /api/application.properties HTTP/1.1" 429 72 "-" "Mozilla/5.0 (Linux; Android 8.0.0; Moto Z2 Play) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36"
34.143.215.62 - - [15/Jun/2026:15:30:46 +0000] "GET /api/appsettings.json HTTP/1.1" 429 72 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) coc_coc_browser/80.0.180 Chrome/74.0.3729.180 Safari/537.36"
34.143.215.62 - - [15/Jun/2026:15:30:46 +0000] "GET /api/credentials.json HTTP/1.1" 429 72 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36 OPR/62.0.3331.99"
34.143.215.62 - - [15/Jun/2026:15:30:46 +0000] "GET /api/secrets.json HTTP/1.1" 429 72 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/75.0.3770.103 Mobile/15E148 Safari/605.1"
34.143.215.62 - - [15/Jun/2026:15:30:46 +0000] "GET /api/keys.json H
...
show less
Bad Web Bot
๐ซ๐ท
COMAITE
2026-06-15 12:37:58
(2 weeks ago)
Suspicious URL access.
Web App Attack
Anonymous
2026-06-15 12:18:46
(2 weeks ago)
Brute-Force reported by Fail2Ban
Brute-Force
Web App Attack
Anonymous
2026-06-15 10:07:03
(2 weeks ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 07:31:19
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.143.215.62 (62.215.143.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.143.215.62 (62.215.143.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:31:15.624220 2026] [security2:error] [pid 5456:tid 5456] [client 34.143.215.62:55484] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aufflammen.com"] [uri "/.env.docker"] [unique_id "ai-qQzjJN-brWjhl6dFw5gAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
debestelapp
2026-06-15 07:05:10
(2 weeks ago)
Web App Attack
๐ฉ๐ช
rh24
2026-06-15 06:00:32
(2 weeks ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.143.215.62 (SG/Si ...
show more
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.143.215.62 (SG/Singapore/62.215.143.34.bc.googleusercontent.com)
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-15 02:08:55
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.143.215.62 (62.215.143.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.143.215.62 (62.215.143.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:08:50.769285 2026] [security2:error] [pid 30578:tid 30578] [client 34.143.215.62:51814] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.muzenique.com.bridgital.com"] [uri "/.env.testing"] [unique_id "ai9eslwaJu08oJJV0yCf-wAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-15 01:43:34
(2 weeks ago)
Excessive 404/403 errors
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-15 01:43:22
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.143.215.62 (62.215.143.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.143.215.62 (62.215.143.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 21:43:14.470324 2026] [security2:error] [pid 7302:tid 7302] [client 34.143.215.62:41896] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "debbiegarner.com"] [uri "/.env.testing"] [unique_id "ai9Yso9xF0VEF1Zw8Og78gAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-06-15 00:50:18
(2 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฉ๐ช
updown.io
2026-06-15 00:19:53
(2 weeks ago)
{"level":"info","ts":1781482790.8392916,"logger":"http.log.access.log1","msg":"handled request","req ...
show more
{"level":"info","ts":1781482790.8392916,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.143.215.62","remote_port":"35638","client_ip":"34.143.215.62","proto":"HTTP/1.1","method":"GET","host":"whm.whm.www.www.210en.status.quarks-erp.com","uri":"/.env.docker","headers":{"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (Linux; Android 6.0.1; MI 4W) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36"],"Accept-Charset":["utf-8"]}},"bytes_read":0,"user_id":"","duration":0.000105882,"size":0,"status":308,"resp_headers":{"Connection":["close"],"Location":["https://whm.whm.www.www.210en.status.quarks-erp.com/.env.docker"],"Content-Type":[],"Server":["Caddy"]}}
{"level":"info","ts":1781482790.8396049,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.143.215.62","remote_port":"35634","client_ip":"34.143.215.62","proto":"HTTP/1.1","method":"GET","host":"whm.whm.www.www.210e
...
show less
DDoS Attack
Web App Attack
๐บ๐ธ
mnsf
2026-06-15 00:18:25
(2 weeks ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 23:41:40
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.143.215.62 (62.215.143.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.143.215.62 (62.215.143.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:41:35.955328 2026] [security2:error] [pid 26899:tid 26899] [client 34.143.215.62:41678] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.crm.vientodelevante.es"] [uri "/api/v1/.env"] [unique_id "ai88L3u3c_3XUfcGpI9L1QAAADU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-14 05:17:14
(2 weeks ago)
Unauthorized access to webpage admin
Web App Attack