๐ฉ๐ช
Viveronese
2026-04-21 03:19:25
(2 months ago)
HTTP vulnerability scanning
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-21 03:06:08
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 23:05:59.886139 2026] [security2:error] [pid 3792070:tid 3792070] [client 2602:fb54:1a00::4b:41298] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "watongacommunitycats.org"] [uri "/backend/.env"] [unique_id "aebpl9In3KwCVXOq8r-aAAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
antlac1
2026-04-21 02:59:30
(2 months ago)
crowdsecurity/http-sensitive-files
Brute-Force
Web App Attack
๐บ๐ธ
Rocky Mountain Bioengineering Symposium
2026-04-21 02:49:55
(2 months ago)
[Mon Apr 20 20:45:15.479964 2026] [authz_core:error] [pid 1504706:tid 140626372826688] [client 2602: ...
show more
[Mon Apr 20 20:45:15.479964 2026] [authz_core:error] [pid 1504706:tid 140626372826688] [client 2602:fb54:1a00::4b:41724] AH01630: client denied by server configuration: /var/www/public_html/payments/.env.bak
[Mon Apr 20 20:45:15.492690 2026] [authz_core:error] [pid 1504706:tid 140625550734912] [client 2602:fb54:1a00::4b:41758] AH01630: client denied by server configuration: /var/www/public_html/payments/.env.production.bak
[Mon Apr 20 20:49:54.696733 2026] [authz_core:error] [pid 1504705:tid 140625768814144] [client 2602:fb54:1a00::4b:55924] AH01630: client denied by server configuration: /var/www/public_html/www/.env.production.bak
...
show less
Bad Web Bot
๐บ๐ฆ
URAN Publishing Service
2026-04-21 02:48:23
(2 months ago)
2602:fb54:1a00::4b - - [21/Apr/2026:05:48:22 +0300] "GET /.env HTTP/1.1" 404 712 "-" "Mozilla/5.0 (W ...
show more
2602:fb54:1a00::4b - - [21/Apr/2026:05:48:22 +0300] "GET /.env HTTP/1.1" 404 712 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
2602:fb54:1a00::4b - - [21/Apr/2026:05:48:22 +0300] "GET /admin/.env HTTP/1.1" 404 712 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Web App Attack
Anonymous
2026-04-20 22:05:06
(2 months ago)
WAF repeated trigger detected by Fail2Ban
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-20 21:40:09
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 17:40:00.628593 2026] [security2:error] [pid 465304:tid 465304] [client 2602:fb54:1a00::4b:41742] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mvscouts.org"] [uri "/admin/.env"] [unique_id "aeadMH3F0ORGi6c_PcDOOQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-04-20 21:33:44
(2 months ago)
308 requests with url.path *.env
Brute-Force
Bad Web Bot
๐ซ๐ท
LRob
2026-04-20 21:30:03
(2 months ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐บ๐ธ
Starburst SysOp Team
2026-04-20 21:23:41
(2 months ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-stl2-14)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-20 21:08:37
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 17:08:32.417465 2026] [security2:error] [pid 231474:tid 231474] [client 2602:fb54:1a00::4b:49536] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.mcbrearty.org"] [uri "/backend/.env"] [unique_id "aeaV0K73aAt3_egyWc8OjAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-20 20:52:46
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 16:52:38.573634 2026] [security2:error] [pid 1133848:tid 1133848] [client 2602:fb54:1a00::4b:45208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.stantontownship.org"] [uri "/.env"] [unique_id "aeaSFlLP6jOZNC4ow4TAOQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Apache
2026-04-20 20:43:12
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 5 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
๐ซ๐ฎ
stinpriza
2026-04-20 20:40:57
(2 months ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-20 20:37:44
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 16:37:39.539042 2026] [security2:error] [pid 31124:tid 31124] [client 2602:fb54:1a00::4b:48224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "accountancy-career.selfdirecteddiscovery.org"] [uri "/backend/.env"] [unique_id "aeaOkzptg4p-6BjVyYauOAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack