๐ซ๐ท
dynamix
2026-04-22 18:33:52
(2 months ago)
Multiple WAF Violations
Web App Attack
๐ฉ๐ช
SCHAPPY
2026-04-22 17:52:07
(2 months ago)
Bad bot identified by user agent
Bad Web Bot
๐บ๐ธ
wordpresshosting.solutions
2026-04-22 16:30:44
(2 months ago)
Web app vulnerability scanning detected. Evidence: 2602:fb54:1a00::4b - - [22/Apr/2026:16:30:42 +000 ...
show more
Web app vulnerability scanning detected. Evidence: 2602:fb54:1a00::4b - - [22/Apr/2026:16:30:42 +0000] "GET /.env.old HTTP/1.1" 404 39686 "https://[DOMAIN]/.env.old" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
2602:fb54:1a00::4b - - [22/Apr/2026:16:30:43 +0000] "GET /api/.env HTTP/1.1" 404 36191 "https://[DOMAIN]/api/.env" "Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"
show less
Web App Attack
๐บ๐ธ
ipblock.com
2026-04-22 16:13:00
(2 months ago)
IPBlock protected site ID [3192-af][s=02].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
Kreapptivo
2026-04-22 15:52:58
(2 months ago)
[22/Apr/2026:17:52:53 +0200] Web-Request: "GET /build-manifest.json", User-Agent: "Mozilla/5.0 (comp ...
show more
[22/Apr/2026:17:52:53 +0200] Web-Request: "GET /build-manifest.json", User-Agent: "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
[22/Apr/2026:17:52:55 +0200] Web-Request: "GET /build-manifest.json", User-Agent: "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
updown.io
2026-04-22 15:04:39
(2 months ago)
{"level":"info","ts":1776869963.0014565,"logger":"http.log.access.log0","msg":"handled request","req ...
show more
{"level":"info","ts":1776869963.0014565,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"2602:fb54:1a00::4b","remote_port":"58334","client_ip":"2602:fb54:1a00::4b","proto":"HTTP/1.1","method":"GET","host":"0736.status.updown.io","uri":"/admin/.env","headers":{"User-Agent":["Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)"],"Accept-Encoding":["gzip"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"0736.status.updown.io"}},"bytes_read":0,"user_id":"","duration":0.00013152,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}}
{"level":"info","ts":1776869963.0027492,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"2602:fb54:1a00::4b","remote_port":"58244","client_ip":"2602:fb54:1a00::4b","proto":"HTTP/1.1","method":"GET","host":"0736.status.updown.io","uri":"/.env","headers":{"User-Agent":["Mozilla/5.0 Apple
...
show less
DDoS Attack
Web App Attack
Anonymous
2026-04-21 08:18:34
(2 months ago)
"GET /.env HTTP/1.1"
Hacking
Web App Attack
๐ฑ๐น
NotACaptcha
2026-04-21 06:58:13
(2 months ago)
webserver:80 [21/Apr/2026] "GET / HTTP/1.1" 302 395 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) ...
show more
webserver:80 [21/Apr/2026] "GET / HTTP/1.1" 302 395 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /app-config.json HTTP/1.1" 302 425 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /api/v1/settings HTTP/1.1" 302 425 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /api/settings HTTP/1.1" 302 419 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /api/config HTTP/1.1" 302 415 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /api/v1/config HTTP/1.1" 302 421 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /runtime-config.js HTTP/1.1" 302 429 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /.env HTTP/1.1" 302 403 "-" "Mozilla/5.0 (Win...
show less
Web App Attack
๐ณ๐ฑ
juutis
2026-04-21 06:45:44
(2 months ago)
Multiple WAF abuses - IP blocked
Hacking
Brute-Force
Web App Attack
๐ฉ๐ช
Didier Lagaert
2026-04-21 06:45:21
(2 months ago)
lie-17 : Block hidden directories=>/.env.local(/)
Hacking
๐ฉ๐ช
Gwyneth Llewelyn
2026-04-21 06:00:04
(2 months ago)
2026/04/21 07:00:00 [error] 2437411#2437411: *1325893 access forbidden by rule, client: 2602:fb54:1a ...
show more
2026/04/21 07:00:00 [error] 2437411#2437411: *1325893 access forbidden by rule, client: 2602:fb54:1a00::4b, server: operadotejo.org, request: "GET /backend/.env HTTP/2.0", host: "operadotejo.org"
2026/04/21 07:00:00 [error] 2437412#2437412: *1325894 access forbidden by rule, client: 2602:fb54:1a00::4b, server: operadotejo.org, request: "GET /public/.env HTTP/2.0", host: "operadotejo.org"
2026/04/21 07:00:00 [error] 2437409#2437409: *1325895 access forbidden by rule, client: 2602:fb54:1a00::4b, server: operadotejo.org, request: "GET /app/.env HTTP/2.0", host: "operadotejo.org"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-21 04:50:06
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 21 00:49:58.031579 2026] [security2:error] [pid 3833227:tid 3833227] [client 2602:fb54:1a00::4b:58366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.mjaaforum.org"] [uri "/.env.local"] [unique_id "aecB9hA34bdszjx3yaWPFgAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐น
NotACaptcha
2026-04-21 03:34:48
(2 months ago)
webserver:80 [21/Apr/2026] "GET /app-config.json HTTP/1.1" 302 425 "-" "Mozilla/5.0 (Windows NT 10. ...
show more
webserver:80 [21/Apr/2026] "GET /app-config.json HTTP/1.1" 302 425 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /api/v1/settings HTTP/1.1" 302 425 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /api/settings HTTP/1.1" 302 419 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /api/config HTTP/1.1" 302 415 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /api/v1/config HTTP/1.1" 302 421 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /runtime-config.js HTTP/1.1" 302 429 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /.env HTTP/1.1" 302 403 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
webserver:80 [21/Apr/2026] "GET /.env.bak HTTP/1.1" 302 411 "-" "Mozilla/...
show less
Web App Attack
๐บ๐ธ
ipblock.com
2026-04-21 03:30:00
(2 months ago)
IPBlock protected site ID [955-wdo][s=11].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-04-21 03:22:16
(2 months ago)
Multiple WAF Violations
Web App Attack