๐ฌ๐ง
openstrike.co.uk
2026-06-09 05:14:35
(4 weeks ago)
36 attacks on env grabbing URLs:
GET /.env.save HTTP/1.1
Hacking
๐ซ๐ท
conseilgouz
2026-06-08 12:00:59
(4 weeks ago)
sae-17 : Block hidden directories=>/core/.env.save(/)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 10:35:06
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:34:56.800528 2026] [security2:error] [pid 9579:tid 9579] [client 2a02:4780:27:1146:0:22ac:dbcb:1:65078] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "searchenginesubmit.org"] [uri "/api/.env"] [unique_id "aiaa0BabyJpGzKibrd6N0gAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 09:16:33
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 05:16:27.311555 2026] [security2:error] [pid 13215:tid 13215] [client 2a02:4780:27:1146:0:22ac:dbcb:1:50378] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sylversheers.com"] [uri "/dev/.env"] [unique_id "aiaIa08aKGUqvTEr0yPpEgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-06-08 05:48:08
(4 weeks ago)
[redacted] 2a02:4780:27:1146:0:22ac:dbcb:1 - - [08/Jun/2026:06:48:06 +0100] "GET /.env HTTP/1.1" 302 ...
show more
[redacted] 2a02:4780:27:1146:0:22ac:dbcb:1 - - [08/Jun/2026:06:48:06 +0100] "GET /.env HTTP/1.1" 302 5258 0/45396 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 2a02:4780:27:1146:0:22ac:dbcb:1 - - [08/Jun/2026:06:48:06 +0100] "GET /admin/.env HTTP/1.1" 302 5258 0/56411 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-06-08 05:13:45
(4 weeks ago)
12 attacks on env grabbing URLs:
GET /laravel/.env HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 04:51:42
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:51:37.318543 2026] [security2:error] [pid 24831:tid 24831] [client 2a02:4780:27:1146:0:22ac:dbcb:1:52132] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "danteolalaw.com"] [uri "/backend/.env"] [unique_id "aiZKWYwlx0AqVhnOgYu7CwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 04:28:31
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:28:24.466186 2026] [security2:error] [pid 23750:tid 23750] [client 2a02:4780:27:1146:0:22ac:dbcb:1:16960] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sguard.co"] [uri "/backend/.env"] [unique_id "aiZE6ERLXPV__eIQCQn5XQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 04:11:50
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:11:46.383994 2026] [security2:error] [pid 25998:tid 25998] [client 2a02:4780:27:1146:0:22ac:dbcb:1:21810] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gewgawdesigns.com"] [uri "/.env.save"] [unique_id "aiZBAm-uYHs48_I8-y-GkwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 02:35:05
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:34:59.499763 2026] [security2:error] [pid 21104:tid 21104] [client 2a02:4780:27:1146:0:22ac:dbcb:1:48438] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chrisswansoncampaign.com"] [uri "/core/.env.save"] [unique_id "aiYqU2waDkc861zcdolk7AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 01:53:31
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:53:26.731693 2026] [security2:error] [pid 5910:tid 5910] [client 2a02:4780:27:1146:0:22ac:dbcb:1:18518] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "richardhellis-sculptor.com"] [uri "/api/.env.save"] [unique_id "aiYgllb4i_9Wwaeul-cFkgAAAJQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 00:19:13
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 20:19:06.584858 2026] [security2:error] [pid 21275:tid 21275] [client 2a02:4780:27:1146:0:22ac:dbcb:1:55460] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pascalroy.com"] [uri "/api/.env"] [unique_id "aiYKekNIansgWuBWgInapgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 23:49:57
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:49:52.772372 2026] [security2:error] [pid 24488:tid 24488] [client 2a02:4780:27:1146:0:22ac:dbcb:1:42424] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chevronparkett.com"] [uri "/dev/.env"] [unique_id "aiYDoD2FP1i51Qeuw3dregAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-06-07 23:03:10
(4 weeks ago)
(modsecurity) srv101 ModSecurity 2a02:4780:27:1146:0:22ac:dbcb:1 (FR/France/-): 10 in the last 3600 ...
show more
(modsecurity) srv101 ModSecurity 2a02:4780:27:1146:0:22ac:dbcb:1 (FR/France/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 22:37:16
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:1146:0:22ac:dbcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:37:10.491570 2026] [security2:error] [pid 22361:tid 22361] [client 2a02:4780:27:1146:0:22ac:dbcb:1:19364] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prosucomexico.com"] [uri "/app/.env"] [unique_id "aiXylodujlLp5xnSiEyhuQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack