πΊπ¦
URAN Publishing Service
2026-07-04 00:22:07
(27 minutes ago)
2a04:c300:c00::3da - - [04/Jul/2026:03:22:06 +0300] "GET /.env HTTP/1.1" 404 708 "-" "Mozilla/5.0 (W ...
show more
2a04:c300:c00::3da - - [04/Jul/2026:03:22:06 +0300] "GET /.env HTTP/1.1" 404 708 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36"
2a04:c300:c00::3da - - [04/Jul/2026:03:22:06 +0300] "GET /app/.env HTTP/1.1" 404 708 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.0.0"
...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 23:57:33
(52 minutes ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:57:25.815831 2026] [security2:error] [pid 11151:tid 11151] [client 2a04:c300:c00::3da:53866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.americanureport.com"] [uri "/.env.production"] [unique_id "akhMZS-4rHZXTK3aNuesKwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-07-03 23:54:20
(55 minutes ago)
Multiple WAF Violations
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 23:20:59
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:20:54.525716 2026] [security2:error] [pid 16876:tid 16876] [client 2a04:c300:c00::3da:60928] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rudiscreations.org"] [uri "/.env.development"] [unique_id "akhD1vPPqiDBR8RGs35j_gAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π¦
SoteriaCovenant
2026-07-03 23:19:07
(1 hour ago)
Automated probe: /config.json on Soteria Global infrastructure. No vulnerable software present.
Hacking
π«π·
ELYAZ
2026-07-03 23:00:01
(1 hour ago)
(y3) Failed access -byebye- from 2a04:c300:c00::3da (Unknown): (CF_ENABLE)
Hacking
πΊπΈ
TPI-Abuse
2026-07-03 22:35:50
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:35:43.806977 2026] [security2:error] [pid 18223:tid 18223] [client 2a04:c300:c00::3da:14008] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.smokeyspb.photos"] [uri "/.env"] [unique_id "akg5P0KYZSCJGNbYTZQY1QAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 22:06:38
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:06:32.719148 2026] [security2:error] [pid 21009:tid 21009] [client 2a04:c300:c00::3da:40388] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.title36.com"] [uri "/.env"] [unique_id "akgyaKwaZnGO_ZILfbn21QAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
ecs.ge
2026-07-03 21:20:59
(3 hours ago)
Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.
Web App Attack
Hacking
πΊπΈ
TPI-Abuse
2026-07-03 20:48:07
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:48:01.647425 2026] [security2:error] [pid 23970:tid 23970] [client 2a04:c300:c00::3da:22114] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "desotopresbyterian.church"] [uri "/app/.env"] [unique_id "akggASv0GFoC2aHq9p7c6wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 20:03:37
(4 hours ago)
(mod_security) mod_security (id:949110) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:949110) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:03:31.925015 2026] [security2:error] [pid 9873:tid 9873] [client 2a04:c300:c00::3da:6620] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "mail.donkeywaffle.com"] [uri "/.env"] [unique_id "akgVk6CfnHtfHjx1wwy1JgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
WellSpring
2026-07-03 19:58:39
(4 hours ago)
env leak on 714.today/app/.env β WellSpr.ing/NetSentinel civic-AI security layer
Web App Attack
π³π±
Savvii
2026-07-03 19:48:14
(5 hours ago)
20 attempts against mh-misbehave-ban on ozone
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 19:31:40
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:c00::3da (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:31:35.477539 2026] [security2:error] [pid 13871:tid 13871] [client 2a04:c300:c00::3da:12408] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.dgroupsa.com"] [uri "/.env"] [unique_id "akgOFwqmG1-SNzVTKCFnQAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-07-03 18:17:30
(6 hours ago)
Excessive multi-domain requests
Brute-Force