๐ณ๐ฟ
FaB Property Group
2026-06-19 06:26:11
(1 week ago)
Requested file: .env
Web App Attack
Anonymous
2026-06-19 05:28:04
(1 week ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, POST / HTTP/1.1
Hacking
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-06-19 05:14:44
(1 week ago)
2 attacks on env grabbing URLs:
GET /.env HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-19 02:20:47
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultruserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 22:20:43.158076 2026] [security2:error] [pid 3784:tid 3784] [client 139.180.213.153:63359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.new-site.cathybermanmft.com"] [uri "/.env"] [unique_id "ajSne_6M6RffGN4hID0DFwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
rdpguard.com
2026-06-19 02:09:55
(1 week ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
Anonymous
2026-06-19 01:05:02
(1 week ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 00:30:07
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultruserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 20:29:59.896301 2026] [security2:error] [pid 17362:tid 17362] [client 139.180.213.153:50355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.montidaunitour.com.my-spec.com"] [uri "/.env"] [unique_id "ajSNh7QhcXcPaCfU0-adxAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
IVski
2026-06-19 00:27:10
(1 week ago)
IVski WAF | Sensitive file probe detected - looking for .env
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 22:32:24
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultruserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 18:32:17.379639 2026] [security2:error] [pid 31605:tid 31605] [client 139.180.213.153:56902] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.marshall-islands-boat-registration.com.boatregistrationdelaware.com"] [uri "/.env"] [unique_id "ajRx8W4D3I5USCxfw_Qs0gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-18 22:00:20
(1 week ago)
Auto-ban: >3000 req/min op 2026-06-18
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-18 21:50:52
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultruserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 17:50:47.549497 2026] [security2:error] [pid 20939:tid 20939] [client 139.180.213.153:65178] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.magazine.angelabcomics.com"] [uri "/.env"] [unique_id "ajRoN_h-VfrT9V4EftfeLgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 21:23:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultruserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 17:23:01.876787 2026] [security2:error] [pid 13217:tid 13217] [client 139.180.213.153:52129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ltrinc.com"] [uri "/.env"] [unique_id "ajRhtdFREwTs-i8RT8KE1AAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 20:47:31
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultruserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 16:47:25.844721 2026] [security2:error] [pid 17840:tid 17840] [client 139.180.213.153:58770] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.littlewizard.com.wizind.com"] [uri "/.env"] [unique_id "ajRZXfzb4zRg3tVlBNwsVAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 19:53:55
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultruserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 139.180.213.153 (139.180.213.153.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 15:53:50.159414 2026] [security2:error] [pid 3176:tid 3176] [client 139.180.213.153:50519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.latour-gouvernet.marcelacalvet.com"] [uri "/.env"] [unique_id "ajRMzoaIlrK48lhZN4SCjwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-18 19:47:06
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH