|
๐ฉ๐ช
es_guard
|
|
URL probing for .env
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 2.56.122.63 (vm4427804.example.com): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2.56.122.63 (vm4427804.example.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 15 02:30:04.352445 2025] [security2:error] [pid 22566:tid 22566] [client 2.56.122.63:61858] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "n3fjp.com"] [uri "/.env"] [unique_id "aMeybEdBrRTw6NyY6kaYmwAAABw"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
london2038.com
|
|
Probing for exploits
2.56.122.63 - - [15/Sep/2025:07:53:50 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mo ...
show more
Probing for exploits
2.56.122.63 - - [15/Sep/2025:07:53:50 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
2.56.122.63 - - [15/Sep/2025:07:53:50 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
show less
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 2.56.122.63 (vm4427804.example.com): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2.56.122.63 (vm4427804.example.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 23:56:19.314832 2025] [security2:error] [pid 16275:tid 16275] [client 2.56.122.63:62599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mjaaforum.org"] [uri "/.env"] [unique_id "aMeOY8XiIMprq59DdmTS9wAAABQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, POST / HTTP/1.1, GET / HTTP/1.1
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 2.56.122.63 (vm4427804.example.com): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2.56.122.63 (vm4427804.example.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 21:12:11.925080 2025] [security2:error] [pid 31134:tid 31134] [client 2.56.122.63:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eddysgroup.com"] [uri "/.env"] [unique_id "aMdn6yEQNutFPz23KaQZCwAAABA"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐น๐ญ
Sawasdee
|
|
Unwanted checking 80 or 443 port
...
|
Bad Web Bot
|
|
|
๐ซ๐ท
oonux.net
|
|
RouterOS: Scanning detected TCP 2.56.122.63:52170 > x.x.x.x:80
|
Port Scan
|
|
|
๐ง๐ช
voormedia
|
|
Accessed trap at '/.env'
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 2.56.122.63 (vm4427804.example.com): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2.56.122.63 (vm4427804.example.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 17:08:09.858569 2025] [security2:error] [pid 3762:tid 3762] [client 2.56.122.63:55230] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.psychtraining.org"] [uri "/.env"] [unique_id "aMcuuSIu9oKUuPWFuZ53ZAAAAA4"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
FeG Deutschland
|
|
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12
|
Exploited Host
Web App Attack
|
|
|
๐บ๐ฆ
URAN Publishing Service
|
|
2.56.122.63 - - [14/Sep/2025:23:23:55 +0300] "GET /.env HTTP/1.1" 404 290 "-" "Mozilla/5.0 (Linux; U ...
show more
2.56.122.63 - - [14/Sep/2025:23:23:55 +0300] "GET /.env HTTP/1.1" 404 290 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
...
show less
|
Web App Attack
|
|
|
๐ฉ๐ช
conseilgouz
|
|
doe-17 : Block hidden directories=>/.env(/)
|
Hacking
|
|
|
๐ฌ๐ง
CrystalMaker
|
|
Vulnerability scan - GET /.env
|
Hacking
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 2.56.122.63 (vm4427804.example.com): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2.56.122.63 (vm4427804.example.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 15:34:31.525578 2025] [security2:error] [pid 24220:tid 24220] [client 2.56.122.63:51441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bahamascruisersguide.com"] [uri "/.env"] [unique_id "aMcYx7DFsGlibfSsStpYKAAAABI"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|