Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show moreAuto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15.
show less
Web App Attack
SSH
Hacking
Anonymous
Bot / scanning and/or hacking attempts: GET /email/sendgrid.env HTTP/1.1, GET /frontend/.env.local H ...
show moreBot / scanning and/or hacking attempts: GET /email/sendgrid.env HTTP/1.1, GET /frontend/.env.local HTTP/1.1, GET /public/.env HTTP/1.1, GET /wordpress/.env HTTP/1.1, GET /mailer/sendgrid.env HTTP/1.1, GET /dist/.env HTTP/1.1, GET /storage/.env HTTP/1.1, GET /config/.env.local HTTP/1.1, GET /services/api/.env HTTP/1.1, GET /backend/api/.env HTTP/1.1, GET /mail/sendgrid.env HTTP/1.1, GET /src/sendgrid.env HTTP/1.1, GET /uploads/.env HTTP/1.1, GET /symfony/.env HTTP/1.1, GET /docker/.env HTTP/1.1, GET /app/.env.local HTTP/1.1, GET /app/.env.prod HTTP/1.1, GET /laravel/.env HTTP/1.1, GET /api/v3/.env HTTP/1.1, GET /backend/.env.dev HTTP/1.1, GET /app/.env.bak HTTP/1.1, GET /app/.env.production HTTP/1.1, GET /server/.env.local HTTP/1.1, GET /.env.save HTTP/1.1, GET /api/backend/.env HTTP/1.1
show less
[MonJun1510:52:52.5576082026][security2:error][pid2389574:tid2389827][client34.39.177.123:0]ModSecur ...
show more[MonJun1510:52:52.5576082026][security2:error][pid2389574:tid2389827][client34.39.177.123:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"hostingedominio.ch.81-17-25-250.cpanel.site\"][uri\"/development/.env\"][unique_id\"ai-9ZG9agqAYxj53JeuofgAAAQ4\"]
show less
Aggressive web search of vulnerable pages: /.env /.env.local /prod/.env /api/v2/.env /api/v1/.env . ...
show moreAggressive web search of vulnerable pages: /.env /.env.local /prod/.env /api/v2/.env /api/v1/.env ...
show less
(modsecurity) srv101 ModSecurity 34.39.177.123 (BR/Brazil/123.177.39.34.bc.googleusercontent.com): 1 ...
show more(modsecurity) srv101 ModSecurity 34.39.177.123 (BR/Brazil/123.177.39.34.bc.googleusercontent.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.39.177.123 (BR/Br ...
show more(apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.39.177.123 (BR/Brazil/123.177.39.34.bc.googleusercontent.com)
show less