๐ง๐ช
sid3windr
2026-06-26 06:09:01
(6 days ago)
GET /.env (Tarpitted for 1d15h8m33s, wasted 8.06MB)
Web App Attack
๐บ๐ธ
mnsf
2026-06-25 21:20:42
(1 week ago)
Abuse Detected (2)
Brute-Force
Web App Attack
Anonymous
2026-06-24 23:17:11
(1 week ago)
[Wed Jun 24 15:32:25.971130 2026] [access_compat:error] [pid 1786614:tid 1786614] [client 23.234.113 ...
show more
[Wed Jun 24 15:32:25.971130 2026] [access_compat:error] [pid 1786614:tid 1786614] [client 23.234.113.68:56627] AH01797: client denied by server configuration: /var/www/html/.env
[Wed Jun 24 19:52:57.182082 2026] [access_compat:error] [pid 2211634:tid 2211634] [client 23.234.113.68:59655] AH01797: client denied by server configuration: /var/www/html/.env.production, referer: https://google.com
...
show less
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-24 21:59:11
(1 week ago)
Auto-ban: >3000 req/min op 2026-06-24
Web App Attack
SSH
Hacking
๐ซ๐ท
Baking333
2026-06-24 18:10:37
(1 week ago)
[redacted] 23.234.113.68 - - [24/Jun/2026:18:57:13 +0100] "GET /.env HTTP/1.1" 302 6768 0/132245 "ht ...
show more
[redacted] 23.234.113.68 - - [24/Jun/2026:18:57:13 +0100] "GET /.env HTTP/1.1" 302 6768 0/132245 "https://[redacted]" "Mozilla/5.0 (Windows NT 6.2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36" [redacted] 23.234.113.68 - - [24/Jun/2026:19:10:36 +0100] "GET /.env HTTP/1.1" 302 6778 0/78731 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.162 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
its101
2026-06-24 18:00:26
(1 week ago)
Automated detection by LockdownAccess security system. Attack type(s): env_grab. Reason: Nginx: env_ ...
show more
Automated detection by LockdownAccess security system. Attack type(s): env_grab. Reason: Nginx: env_grab attack. Path targeted: unknown. Blocked in Cloudflare.
show less
Web App Attack
๐บ๐ธ
RogueAutomata
2026-06-24 17:41:52
(1 week ago)
Detected malicious request: GET /.env.production
Detections triggered: Environment/config probe
Web App Attack
๐ณ๐ฑ
BIV
2026-06-24 17:30:32
(1 week ago)
Honeypot multi-source hit. Sources: tpot:Fatt,tpot:H0neytr4p,tpot:P0f,tpot:Suricata. Ports: 443. Aut ...
show more
Honeypot multi-source hit. Sources: tpot:Fatt,tpot:H0neytr4p,tpot:P0f,tpot:Suricata. Ports: 443. Automated tiered (T-Pot+DShield).
show less
Port Scan
Hacking
Bad Web Bot
๐ณ๐ฑ
bazter.pro
2026-06-24 17:03:54
(1 week ago)
23.234.113.68 - - [24/Jun/2026:17:03:53 +0000] "GET /.env.production HTTP/1.1" 404 306 "https://goog ...
show more
23.234.113.68 - - [24/Jun/2026:17:03:53 +0000] "GET /.env.production HTTP/1.1" 404 306 "https://google.com" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36"
...
show less
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
SSH
Anonymous
2026-06-24 16:50:02
(1 week ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 16:36:39
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.234.113.68 (static-23-234-113-68.cust.tzulo. ...
show more
(mod_security) mod_security (id:210492) triggered by 23.234.113.68 (static-23-234-113-68.cust.tzulo.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 12:36:35.901481 2026] [security2:error] [pid 535:tid 535] [client 23.234.113.68:57424] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maverickhousellc.com"] [uri "/.env"] [unique_id "ajwHkxsmal4USWPHFCO46QAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
strxmpp
2026-06-24 16:17:07
(1 week ago)
23.234.113.68 - - [24/Jun/2026:18:17:06 +0200] "GET /.env.production HTTP/1.1" 404 8995 "https://goo ...
show more
23.234.113.68 - - [24/Jun/2026:18:17:06 +0200] "GET /.env.production HTTP/1.1" 404 8995 "https://google.com" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.80 Safari/537.36"
...
show less
Bad Web Bot
๐บ๐ธ
anon333
2026-06-24 16:06:12
(1 week ago)
Invalid HTTP port 80 probes to server T1206
Hacking
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-06-24 16:06:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.234.113.68 (static-23-234-113-68.cust.tzulo. ...
show more
(mod_security) mod_security (id:210492) triggered by 23.234.113.68 (static-23-234-113-68.cust.tzulo.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 12:06:06.881275 2026] [security2:error] [pid 19459:tid 19459] [client 23.234.113.68:65516] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3dworld-wide.com"] [uri "/.env.production"] [unique_id "ajwAbggVAkSoEYD0MbmuxQAAAGw"], referer: https://google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 14:57:05
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.234.113.68 (static-23-234-113-68.cust.tzulo. ...
show more
(mod_security) mod_security (id:210492) triggered by 23.234.113.68 (static-23-234-113-68.cust.tzulo.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 10:56:58.975832 2026] [security2:error] [pid 14540:tid 14540] [client 23.234.113.68:58709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rockitfish.com"] [uri "/.env"] [unique_id "ajvwOqLEqrCO1tlBLMCOJQAAADM"], referer: https://google.com
show less
Brute-Force
Bad Web Bot
Web App Attack