π¬π§
openstrike.co.uk
2026-03-24 06:14:36
(2 months ago)
2 attacks on env grabbing URLs:
GET /.env HTTP/1.1
Hacking
πΊπΈ
[email protected]
2026-03-24 00:13:00
(2 months ago)
Fail2Ban jail apache-json-scanners detected activity on 2026-03-24T00:12:59Z
Brute-Force
π§πͺ
cmbplf
2026-03-23 23:32:15
(2 months ago)
1.265 requests with url.path *.env
Brute-Force
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-03-23 21:20:54
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 74.118.126.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 74.118.126.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 17:20:47.358538 2026] [security2:error] [pid 16251:tid 16251] [client 74.118.126.112:51742] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fastr-wellington.com"] [uri "/.env"] [unique_id "acGuryvXzq3CtAXRbop7rAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2026-03-23 21:10:01
(2 months ago)
suspicious request in access.log
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-23 21:04:41
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 74.118.126.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 74.118.126.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 17:04:34.599341 2026] [security2:error] [pid 25972:tid 25972] [client 74.118.126.112:27277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eurobrake.com"] [uri "/.env"] [unique_id "acGq4pONUg4UChxHXA8tcQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
backslash
2026-03-23 21:03:00
(2 months ago)
block ruleset bad bot: misc bad content F608233CC4C86EE814CE8DDDA9C4A0D3C79882F6
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-03-23 20:48:37
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 74.118.126.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 74.118.126.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 16:48:31.887509 2026] [security2:error] [pid 2908:tid 2908] [client 74.118.126.112:1288] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "getmypov.com"] [uri "/.env"] [unique_id "acGnHzAG4YjQaVE846KB6wAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-23 20:32:02
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 74.118.126.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 74.118.126.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 16:31:57.553383 2026] [security2:error] [pid 20927:tid 20927] [client 74.118.126.112:22839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "randyscbcenter.com"] [uri "/.env"] [unique_id "acGjPU6FV9OGaX_Srvr_jwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-23 20:17:00
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 74.118.126.112 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 74.118.126.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 16:16:53.499664 2026] [security2:error] [pid 7338:tid 7338] [client 74.118.126.112:11000] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madronabluff.com"] [uri "/.env"] [unique_id "acGftXOYYMAJ6G6hPosszQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
xmission.com
2026-01-04 14:45:28
(5 months ago)
Blocked by UFW (TCP on 6959)
Source port: 50971
TTL: 50
Packet length: 60
TOS: 0x00
This report (fo ...
show more
Blocked by UFW (TCP on 6959)
Source port: 50971
TTL: 50
Packet length: 60
TOS: 0x00
This report (for 74.118.126.112) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
πΊπΈ
mnsf
2025-03-09 06:05:34
(1 year ago)
Login Too Frequent (6)
Brute-Force
Web App Attack
2025-03-09 05:16:20
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH