๐ง๐ช
boxed-it
2026-06-29 14:43:41
(1 day ago)
GET /.env (Tarpitted for 1d1h6m34s, wasted 5.17MB)
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-06-29 05:14:23
(1 day ago)
2 attacks on env grabbing URLs:
GET /.env HTTP/1.1
Hacking
๐จ๐ด
adalbertoreyes.org
2026-06-28 19:42:12
(1 day ago)
CategoryPortScan
Port Scan
๐จ๐ญ
4server
2026-06-28 14:05:01
(2 days ago)
[SunJun2816:04:55.0094532026][security2:error][pid844853:tid844978][client62.210.130.252:0]ModSecuri ...
show more
[SunJun2816:04:55.0094532026][security2:error][pid844853:tid844978][client62.210.130.252:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"associazione-iris.ch\"][uri\"/.env\"][unique_id\"akEqB2cyCjtja9NhLSSh2gAAAAo\"]
show less
Hacking
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-06-28 13:50:19
(2 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Smish
2026-06-28 13:34:22
(2 days ago)
HONEYPOT HIT --> Fail2ban time=1782653660 log=2026-06-28T14:34:20+01:00 ip=62.210.130.252 host=as210 ...
show more
HONEYPOT HIT --> Fail2ban time=1782653660 log=2026-06-28T14:34:20+01:00 ip=62.210.130.252 host=as210667.net method=GET uri="/.env" status=404 ua="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ref="-" rid=9b910da7812c7a7afe0730f90dbdb37e
show less
Web App Attack
๐ซ๐ฎ
as211431.net
2026-06-28 13:34:22
(2 days ago)
Triggered Cloudflare WAF (firewallCustom) from FR.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from FR.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (POST method)
Endpoint: /
UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฌ๐ง
pinguin
2026-06-28 13:34:11
(2 days ago)
Triggered Cloudflare WAF (firewallManaged) from FR.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET meth ...
show more
Triggered Cloudflare WAF (firewallManaged) from FR.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env
UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ต๐พ
armandosaucedo.me
2026-06-28 12:43:32
(2 days ago)
Threat Intelligence via ARMTI, Web Attack: GET /.env
Web App Attack
๐ซ๐ท
Jimbo67
2026-06-28 12:24:59
(2 days ago)
Cloudflare WAF: 1 hits in 30s | action=block | abuse=confirmed_abuse | categories=21 | rule_id=a8325 ...
show more
Cloudflare WAF: 1 hits in 30s | action=block | abuse=confirmed_abuse | categories=21 | rule_id=a8325d956f104d2194269f1386e09ef1 | URIs=/.env | confidence=0.95
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 12:19:35
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 62.210.130.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 62.210.130.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 08:19:30.449385 2026] [security2:error] [pid 31140:tid 31140] [client 62.210.130.252:46120] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arlan-associates.com"] [uri "/.env"] [unique_id "akERUouKFvpiEiTHgUn-tgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Selckie
2026-06-28 12:19:03
(2 days ago)
fail2ban: NGINX unusual impact
Web App Attack
๐บ๐ธ
wordpresshosting.solutions
2026-06-28 12:02:58
(2 days ago)
Web app vulnerability scanning detected. Evidence: 62.210.130.252 - - [28/Jun/2026:11:56:10 +0000] " ...
show more
Web app vulnerability scanning detected. Evidence: 62.210.130.252 - - [28/Jun/2026:11:56:10 +0000] "GET /.env HTTP/1.1" 404 9745 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
62.210.130.252 - - [28/Jun/2026:12:02:57 +0000] "GET /.env HTTP/1.1" 404 5569 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
show less
Web App Attack
Anonymous
2026-06-28 11:55:17
(2 days ago)
62.210.130.252 - - [28/Jun/2026:19:55:16 +0800] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; ...
show more
62.210.130.252 - - [28/Jun/2026:19:55:16 +0800] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 11:33:41
(2 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack