๐ง๐ช
sid3windr
2026-02-28 06:39:11
(4 months ago)
GET /.env (Tarpitted for 1d15h8m31s, wasted 8.06MB)
Web App Attack
๐ง๐พ
lns.bz
2026-02-28 00:01:15
(4 months ago)
.env scanning [BY]
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-02-27 23:01:21
(4 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-02-26.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-02-27 09:24:20
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 20.168.9.110 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 20.168.9.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 04:24:16.626543 2026] [security2:error] [pid 7188:tid 7188] [client 20.168.9.110:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eddysgroup.com"] [uri "/.env"] [unique_id "aaFiwN4FjLDo4avH3uVuSgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
conseilgouz
2026-02-27 09:06:42
(4 months ago)
ave-17 : Block hidden directories=>/.env(/)
Hacking
๐ฉ๐ช
kranem
2026-02-27 09:03:14
(4 months ago)
Triggered Cloudflare WAF from US.
Action taken: BLOCK
ASN: 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Micro ...
show more
Triggered Cloudflare WAF from US.
Action taken: BLOCK
ASN: 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env
Timestamp: 2026-02-27T06:12:25Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
show less
Bad Web Bot
๐ฌ๐ง
Axel
2026-02-27 08:26:02
(4 months ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
[email protected]
2026-02-26 23:59:25
(4 months ago)
Fail2Ban jail apache-json-scanners detected activity on 2026-02-26T23:59:25Z
Brute-Force
๐ช๐ธ
el-brujo
2026-02-26 20:43:11
(4 months ago)
Cloudflare WAF: Request Path: /.env Request Query: Host: warzone.elhacker.net userAgent: Mozilla/5. ...
show more
Cloudflare WAF: Request Path: /.env Request Query: Host: warzone.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: block Source: firewallManaged ASN Description: MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation Country: US Method: GET Timestamp: 2026-02-26T20:43:11Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB).
show less
Hacking
SQL Injection
Web App Attack
๐ฎ๐ฉ
Burayot
2026-02-26 20:18:23
(4 months ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 20.168.9.110 (US/United States/-): 1 ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 20.168.9.110 (US/United States/-): 1 in the last 3600 secs
show less
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-02-26 20:00:49
(4 months ago)
Access to sensitive files detected w/ specific boundary.. Threat Score: 5.5/10 (MEDIUM). Reported by ...
show more
Access to sensitive files detected w/ specific boundary.. Threat Score: 5.5/10 (MEDIUM). Reported by TangerangKota-CSIRT
show less
Hacking
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-02-26 19:01:58
(4 months ago)
Access to sensitive files detected w/ specific boundary.. Threat Score: 5.7/10 (MEDIUM). Reported by ...
show more
Access to sensitive files detected w/ specific boundary.. Threat Score: 5.7/10 (MEDIUM). Reported by TangerangKota-CSIRT
show less
Hacking
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-02-26 17:15:56
(4 months ago)
[WAZUH] Access to sensitive files detected w/ specific boundary.
Hacking
Web App Attack
๐ฉ๐ช
Gwyneth Llewelyn
2026-02-26 12:40:16
(4 months ago)
2026/02/26 12:40:12 [error] 27363#27363: *2618680 access forbidden by rule, client: 20.168.9.110, se ...
show more
2026/02/26 12:40:12 [error] 27363#27363: *2618680 access forbidden by rule, client: 20.168.9.110, server: centroestudostibetanos.org, request: "GET /.env HTTP/1.1", host: "sebentanalanda.centroestudostibetanos.org"
20.168.9.110 - - [26/Feb/2026:12:40:12 +0000] "GET /.env HTTP/1.1" 403 1057 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
2026/02/26 12:40:14 [error] 27363#27363: *2618715 access forbidden by rule, client: 20.168.9.110, server: centroestudostibetanos.org, request: "GET /.env HTTP/1.1", host: "portal.centroestudostibetanos.org"
show less
Brute-Force
Web App Attack
๐ฎ๐ฉ
Incidents Response Neptus Team
2026-02-22 15:57:00
(4 months ago)
Report abuse IP
Exploited Host
Web App Attack
Hacking