๐ง๐ท
Peregrine
2026-07-12 03:17:26
(1 day ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 84.200.33.131 172.70.240.146 - - [08/Jul/2026:23:08:16 -0 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 84.200.33.131 172.70.240.146 - - [08/Jul/2026:23:08:16 -0300] "GET /.env HTTP/1.1" 404 414
84.200.33.131 172.70.240.116 - - [08/Jul/2026:23:08:16 -0300] "GET /.env.local HTTP/1.1" 404 414
84.200.33.131 172.70.240.116 - - [08/Jul/2026:23:08:16 -0300] "GET /.git/config HTTP/1.1" 404 414
84.200.33.131 172.70.240.116 - - [08/Jul/2026:23:08:17 -0300] "GET /config.php HTTP/1.1" 404 414
show less
Bad Web Bot
๐ฎ๐ฑ
spd.co.il
2026-07-11 11:01:44
(2 days ago)
Web application attack detected
Hacking
Web App Attack
Anonymous
2026-07-10 16:32:47
(2 days ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ง๐ท
Peregrine
2026-07-10 03:17:55
(3 days ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 84.200.33.131 172.70.240.146 - - [08/Jul/2026:23:08:16 -0 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 84.200.33.131 172.70.240.146 - - [08/Jul/2026:23:08:16 -0300] "GET /.env HTTP/1.1" 404 414
84.200.33.131 172.70.240.116 - - [08/Jul/2026:23:08:16 -0300] "GET /.env.local HTTP/1.1" 404 414
84.200.33.131 172.70.240.116 - - [08/Jul/2026:23:08:16 -0300] "GET /.git/config HTTP/1.1" 404 414
84.200.33.131 172.70.240.116 - - [08/Jul/2026:23:08:17 -0300] "GET /config.php HTTP/1.1" 404 414
show less
Bad Web Bot
Anonymous
2026-07-10 02:18:41
(3 days ago)
"GET /.env HTTP/1.1"
Hacking
Web App Attack
๐ซ๐ท
Baking333
2026-07-09 12:42:30
(4 days ago)
[redacted] 84.200.33.131 - - [09/Jul/2026:13:38:22 +0100] "GET /.[redacted] HTTP/1.1" 302 1538 0/644 ...
show more
[redacted] 84.200.33.131 - - [09/Jul/2026:13:38:22 +0100] "GET /.[redacted] HTTP/1.1" 302 1538 0/64420 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" [redacted] 84.200.33.131 - - [09/Jul/2026:13:42:28 +0100] "GET /.[redacted] HTTP/1.1" 302 1573 0/62716 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
EvilTurkey
2026-07-09 12:14:26
(4 days ago)
Web app attack against financial institution website.
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-09 12:03:43
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 84.200.33.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 84.200.33.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 08:03:38.080777 2026] [security2:error] [pid 21806:tid 21806] [client 84.200.33.131:40092] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zezel.com"] [uri "/.env"] [unique_id "ak-OGosOa14f5wZQ9rKZ9wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
alferez
2026-07-09 11:56:17
(4 days ago)
Searching .(env|sql|zip|tar|rar) files
Hacking
Exploited Host
Web App Attack
Anonymous
2026-07-09 11:45:29
(4 days ago)
2026/07/09 13:45:28 [error] 13968#13968: *160161 access forbidden by rule, client: 84.200.33.131, se ...
show more
2026/07/09 13:45:28 [error] 13968#13968: *160161 access forbidden by rule, client: 84.200.33.131, server: sahpa.co.za, request: "GET /.env HTTP/1.1", host: "sahpa.co.za"
2026/07/09 13:45:28 [error] 13968#13968: *160161 access forbidden by rule, client: 84.200.33.131, server: sahpa.co.za, request: "GET /.env.local HTTP/1.1", host: "sahpa.co.za"
2026/07/09 13:45:28 [error] 13968#13968: *160161 access forbidden by rule, client: 84.200.33.131, server: sahpa.co.za, request: "GET /.git/config HTTP/1.1", host: "sahpa.co.za"
...
show less
Hacking
Web App Attack
Anonymous
2026-07-09 11:45:09
(4 days ago)
[Firewall Canary] Temporary ban due to firewall rule match [URI:*/.env]
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-09 11:30:59
(4 days ago)
Environment file probe
Web App Attack
๐ฉ๐ช
Lino Project
2026-07-09 11:30:24
(4 days ago)
84.200.33.131 - - [09/Jul/2026:13:30:19 +0200] "GET /.env HTTP/1.1" 302 385 "-" "Mozilla/5.0 (Window ...
show more
84.200.33.131 - - [09/Jul/2026:13:30:19 +0200] "GET /.env HTTP/1.1" 302 385 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
nzhost.co.nz
2026-07-09 11:29:44
(4 days ago)
$f2bV_matches
Hacking
Brute-Force
๐ฎ๐ฉ
Burayot
2026-07-09 11:28:56
(4 days ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 84.200.33.131 (DE/Germany/-): 2 in t ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 84.200.33.131 (DE/Germany/-): 2 in the last 3600 secs
show less
Web App Attack