๐บ๐ธ
kosada.com
2026-06-30 23:38:07
(3 days ago)
Web vulnerability probing: /docker-compose.prod.yml
Web App Attack
Anonymous
2026-06-30 23:33:53
(3 days ago)
59.36.142.166 - - [01/Jul/2026:01:33:52 +0200] "GET /. HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows N ...
show more
59.36.142.166 - - [01/Jul/2026:01:33:52 +0200] "GET /. HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
show less
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-30 23:31:06
(3 days ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 20:44:16
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 16:44:10.162375 2026] [security2:error] [pid 8902:tid 8902] [client 59.36.142.166:39351] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "4115thewestford.com"] [uri "/.env.prod"] [unique_id "akQqmtcP_PjPYes2OpXytwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-30 20:08:03
(3 days ago)
Try to access /app/.env
Web App Attack
๐ธ๐ฌ
nayumi
2026-06-30 19:53:53
(3 days ago)
CrowdSec detection: crowdsecurity/http-sensitive-files | Service: http, http, http, http, http
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 19:27:04
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 15:26:59.149032 2026] [security2:error] [pid 22374:tid 22374] [client 59.36.142.166:51347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.generationedm.joesteiner.com"] [uri "/.env"] [unique_id "akQYg8xOUzf3DscStSogpgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 19:11:29
(3 days ago)
http scanning for .env files
...
Hacking
Web App Attack
Anonymous
2026-06-30 18:50:43
(3 days ago)
Aggressive web scan
Web App Attack
๐ฉ๐ช
sigurg
2026-06-30 16:53:17
(3 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-30 16:45:48
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 12:45:42.212661 2026] [security2:error] [pid 29279:tid 29279] [client 59.36.142.166:46506] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "encoremtmorris.com"] [uri "/.env.test"] [unique_id "akPytiQZnSLrz5PvdjSOtQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 13:55:31
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 09:55:28.022394 2026] [security2:error] [pid 16897:tid 16897] [client 59.36.142.166:43294] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vitality-web.com"] [uri "/.env.swp"] [unique_id "akPK0HRq55J9WqsgAk388QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 12:11:22
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 08:11:16.745425 2026] [security2:error] [pid 19821:tid 19821] [client 59.36.142.166:46005] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cor-ex.com"] [uri "/.env.test"] [unique_id "akOyZNHvoL7cF0cN_D-3ngAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 11:23:55
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 07:23:48.073144 2026] [security2:error] [pid 810:tid 810] [client 59.36.142.166:50731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "popolegal.com"] [uri "/.env.template"] [unique_id "akOnRE7aDmuyAGm7Wp92MQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 10:36:21
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.142.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 06:36:18.085049 2026] [security2:error] [pid 21605:tid 21605] [client 59.36.142.166:58470] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "damonmarks.com"] [uri "/backend/.env"] [unique_id "akOcIqzNy9kq-JBIVmRCsAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack