๐บ๐ธ
Matthew Ping
2026-06-01 00:15:02
(1 month ago)
ModSecurity rule 949110 triggered on dedicated. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐ซ๐ท
vtchost.com
2026-05-31 21:39:50
(1 month ago)
minux.cc:443 46.202.158.167 - - [31/May/2026:23:39:50 +0200] "GET /admin/.env HTTP/1.1" 418 4144 "-" ...
show more
minux.cc:443 46.202.158.167 - - [31/May/2026:23:39:50 +0200] "GET /admin/.env HTTP/1.1" 418 4144 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-31 21:19:30
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 17:19:27.456179 2026] [security2:error] [pid 31048:tid 31048] [client 46.202.158.167:38326] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "springmeadowventures.com"] [uri "/new/.env"] [unique_id "ahyl3y5Bu6DdedEtpwJexAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-05-31 20:42:22
(1 month ago)
476 requests with url.path *.env
Brute-Force
Bad Web Bot
Anonymous
2026-05-31 20:30:02
(1 month ago)
Web App Attack, Hacking
Hacking
Web App Attack
Anonymous
2026-05-31 20:24:26
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
mnsf
2026-05-31 20:06:00
(1 month ago)
Abuse Detected (9)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-31 20:05:10
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 16:05:05.846657 2026] [security2:error] [pid 14704:tid 14796] [client 46.202.158.167:63654] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jojoproperties.com"] [uri "/app/.env"] [unique_id "ahyUcTpq77hNvGQHnI_ppwAAAMU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-05-31 19:26:07
(1 month ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-197)
Hacking
Web App Attack
Anonymous
2026-05-31 18:56:39
(1 month ago)
(caddyscan) Scanner path probe from 46.202.158.167 (DE/Germany/-): 5 in the last 3600 secs; Ports: * ...
show more
(caddyscan) Scanner path probe from 46.202.158.167 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 46.202.158.167 - - [31/May/2026:18:56:34 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 46.202.158.167 - - [31/May/2026:18:56:34 +0000] "GET /dev/.env HTTP/1.1"
[REDACTED] 200 2627 46.202.158.167 - - [31/May/2026:18:56:34 +0000] "GET /new/.env HTTP/1.1"
[REDACTED] 200 2627 46.202.158.167 - - [31/May/2026:18:56:34 +0000] "GET /core/.env HTTP/1.1"
[REDACTED] 200 2627 46.202.158.167 - - [31/May/2026:18:56:34 +0000] "GET /api/.env HTTP/1.1"
show less
Port Scan
๐ธ๐ช
nekopavel
2026-05-31 18:55:14
(1 month ago)
46.202.158.167 - - [31/May/2026:20:55:11 +0200]"GET /api/.env HTTP/1.1" 404 214"-" mishashto.com "Mo ...
show more
46.202.158.167 - - [31/May/2026:20:55:11 +0200]"GET /api/.env HTTP/1.1" 404 214"-" mishashto.com "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36""0.016" "0.000""Frankfurt am Main" "DE"
46.202.158.167 - - [31/May/2026:20:55:11 +0200]"GET /core/.env HTTP/1.1" 404 123772"-" mishashto.com "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36""0.040" "0.001""Frankfurt am Main" "DE"
46.202.158.167 - - [31/May/2026:20:55:11 +0200]"GET /.env HTTP/1.1" 404 123742"-" mishashto.com "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36""0.052" "0.001""Frankfurt am Main" "DE"
...
show less
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-31 18:45:45
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 14:45:42.909820 2026] [security2:error] [pid 9621:tid 9621] [client 46.202.158.167:56080] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pocketweddinginvitations.com"] [uri "/backend/.env"] [unique_id "ahyB1nK6LXQ_EIhel1wTEQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-05-31 18:41:50
(1 month ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-05-31 18:30:26
(1 month ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-31 17:56:48
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 13:56:44.383701 2026] [security2:error] [pid 28311:tid 28311] [client 46.202.158.167:44046] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "exners.com"] [uri "/backend/.env"] [unique_id "ahx2XAyKfq2d9XTIZXXjkwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack