๐ธ๐ช
SkyDancer
2026-06-06 06:01:40
(1 month ago)
Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blo ...
show more
Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blocked by SkyDancer Ai(web-X).
show less
Hacking
Brute-Force
๐ฉ๐ช
betternews.app
2026-06-06 02:36:10
(1 month ago)
"a web request contained keyword ".env"; Suspicious URL: /.env"
Web Spam
Blog Spam
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ArturShelby
2026-06-06 02:27:05
(1 month ago)
Critical file access: /.env
Web App Attack
๐ฉ๐ช
MusicLibrary
2026-06-05 22:39:56
(1 month ago)
Attempted access to sensitive configuration files (.env, .git, etc.)
Bad Web Bot
Web App Attack
๐ซ๐ท
Guardian
2026-06-05 20:31:30
(1 month ago)
Unauthorized attempt to retrieve configuration file
102.98.95.125 [05/Jun/2026:20:31:30] "GET /.env ...
show more
Unauthorized attempt to retrieve configuration file
102.98.95.125 [05/Jun/2026:20:31:30] "GET /.env HTTP/1.1"
show less
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-05 13:08:54
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.95.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.95.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 09:08:48.394347 2026] [security2:error] [pid 13767:tid 13767] [client 102.98.95.125:65368] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eduempowermentsolutions.com"] [uri "/.env"] [unique_id "aiLKYGkZaSROXF6uo3m0dAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-05 11:05:47
(1 month ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
๐ฏ๐ต
Valhalla
2026-05-26 13:34:27
(1 month ago)
/.env
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-26 12:40:42
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.95.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.95.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 08:40:36.499237 2026] [security2:error] [pid 20825:tid 20825] [client 102.98.95.125:64877] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jewersmail.com"] [uri "/.env"] [unique_id "ahWUxByjR0xYddrpwNIeggAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-05-26 07:11:46
(1 month ago)
Try to access /arrangementen/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-26 07:09:39
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.95.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.95.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 03:09:34.906671 2026] [security2:error] [pid 28803:tid 28803] [client 102.98.95.125:51220] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coveyhillenterprises.com"] [uri "/.env"] [unique_id "ahVHLv_wHiLKXiMzV7SlDAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-05-26 06:50:27
(1 month ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-26 04:59:53
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.95.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.95.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 00:59:49.885789 2026] [security2:error] [pid 26410:tid 26410] [client 102.98.95.125:57190] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "reelfruits.com"] [uri "/.env"] [unique_id "ahUoxd6oynm_3rWuxz2TdQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-05-26 03:56:34
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-26 02:06:51
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.95.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.95.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 22:06:45.896487 2026] [security2:error] [pid 17036:tid 17036] [client 102.98.95.125:53195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boardinjapan.com"] [uri "/.env"] [unique_id "ahUANW1asMrz3ObirCl1KwAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack