Anonymous
2026-07-02 08:33:39
(1 day ago)
194.5.65.206 - - [02/Jul/2026:08:33:39 +0000] "GET /.env HTTP/1.1" 404 437 "-" "Mozilla/5.0 (X11; Li ...
show more
194.5.65.206 - - [02/Jul/2026:08:33:39 +0000] "GET /.env HTTP/1.1" 404 437 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 08:23:25
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.5.65.206 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.5.65.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 04:23:21.248602 2026] [security2:error] [pid 2059:tid 2059] [client 194.5.65.206:62805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.230"] [uri "/.env"] [unique_id "akYf-aKGlyUdMpDDcCp9SgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
YF
2026-07-02 08:10:11
(1 day ago)
Environment file probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 08:03:44
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.5.65.206 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.5.65.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 04:03:41.277619 2026] [security2:error] [pid 3763:tid 3763] [client 194.5.65.206:56006] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.69"] [uri "/.env"] [unique_id "akYbXbNqq43eDZNjQqAfGwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-07-02 07:55:55
(1 day ago)
Web vulnerability probing: /.env (bogus vhost/SNI)
Web App Attack
๐บ๐ธ
jcbriar
2026-07-02 07:49:11
(1 day ago)
Searching for vulnerable scripts
Hacking
Web App Attack
๐ฉ๐ช
ut-addicted.com
2026-07-02 07:42:43
(1 day ago)
\[Thu Jul 02 09:42:41.441987 2026\] \[:error\] \[pid 12131:tid 139785779762944\] \[client 194.5.65.2 ...
show more
\[Thu Jul 02 09:42:41.441987 2026\] \[:error\] \[pid 12131:tid 139785779762944\] \[client 194.5.65.206:61083\] \[client 194.5.65.206\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 8\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "78.46.187.162"\] \[uri "/.env"\] \[unique_id "akYWcWs1mHl--1-9O5J-5gAAAQw"\]
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 07:24:42
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.5.65.206 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.5.65.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:24:34.126093 2026] [security2:error] [pid 26755:tid 26755] [client 194.5.65.206:52410] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.213"] [uri "/.env"] [unique_id "akYSMu6EgP4OE97vxQjxJQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 06:56:45
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.5.65.206 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.5.65.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 02:56:42.004241 2026] [security2:error] [pid 27794:tid 27794] [client 194.5.65.206:59270] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.14"] [uri "/.env"] [unique_id "akYLqhPFxez2-JCJyDuLCgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ท
P1n4
2026-07-02 06:34:17
(1 day ago)
Heimdal IDS auto-block: sensitive_file (score=0.80)
Web App Attack
๐ฌ๐ง
Marten Mark
2026-07-02 06:32:22
(1 day ago)
194.5.65.206 - - [02/Jul/2026:06:32:21 +0000] "GET /.env HTTP/1.1" 301 166 "-" "Mozilla/5.0 (X11; Li ...
show more
194.5.65.206 - - [02/Jul/2026:06:32:21 +0000] "GET /.env HTTP/1.1" 301 166 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-02 06:27:09
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.5.65.206 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 194.5.65.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 02:27:02.299574 2026] [security2:error] [pid 10277:tid 10298] [client 194.5.65.206:54393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.83"] [uri "/.env"] [unique_id "akYEtpAqwnx3xWZPgt0mjAAAAMk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Al Coholic
2026-07-02 06:21:01
(1 day ago)
Detected By Fail2ban
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
Teufel100
2026-07-02 06:07:59
(1 day ago)
ModSecurity rejected a query
Brute-Force
Hacking
Web App Attack
๐ณ๐ฑ
enpepet
2026-07-02 05:58:12
(1 day ago)
GENERAL: parametres: [url:env=] UA:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like G ...
show more
GENERAL: parametres: [url:env=] UA:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 URL:/.env
show less
Port Scan
Hacking
Brute-Force
Bad Web Bot