๐ง๐พ
lns.bz
2026-06-30 10:45:37
(1 day ago)
.env scanning [BY]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 10:39:47
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 77.91.79.104 (vpnforum.ru): 1 in the last 300 s ...
show more
(mod_security) mod_security (id:210492) triggered by 77.91.79.104 (vpnforum.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 06:39:41.274377 2026] [security2:error] [pid 21596:tid 21596] [client 77.91.79.104:60068] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "travelingguitarfoundation.org"] [uri "/temp/.env"] [unique_id "akOc7U8X5CMea3WeZgIBEwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 10:10:54
(1 day ago)
Aggressive web scan
Web App Attack
๐ฉ๐ช
Teufel100
2026-06-30 09:14:15
(1 day ago)
ModSecurity rejected a query
Brute-Force
Hacking
Web App Attack
๐ฉ๐ช
itsolon
2026-06-30 08:53:24
(1 day ago)
[30/Jun/2026:10:53:22 +0200] 178280960294.531550 77.91.79.104 51336 217.154.7.177 443
[30/Jun/2026:1 ...
show more
[30/Jun/2026:10:53:22 +0200] 178280960294.531550 77.91.79.104 51336 217.154.7.177 443
[30/Jun/2026:10:53:22 +0200] 178280960270.354312 77.91.79.104 51336 217.154.7.177 443
[30/Jun/2026:10:53:23 +0200] 178280960321.888606 77.91.79.104 51336 217.154.7.177 443
[30/Jun/2026:10:53:23 +0200] 17828096036.342291 77.91.79.104 51336 217.154.7.177 443
[30/Jun/2026:10:53:24 +0200] 178280960465.475352 77.91.79.104 51336 217.154.7.177 443
...
show less
Port Scan
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 08:40:38
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 77.91.79.104 (vpnforum.ru): 1 in the last 300 s ...
show more
(mod_security) mod_security (id:210492) triggered by 77.91.79.104 (vpnforum.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:40:34.015328 2026] [security2:error] [pid 11702:tid 11702] [client 77.91.79.104:36600] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aquatech-ind.com"] [uri "/.env.dev"] [unique_id "akOBAqQLTkyiFbT-XG3FKwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-30 07:44:39
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 07:36:05
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 77.91.79.104 (vpnforum.ru): 1 in the last 300 s ...
show more
(mod_security) mod_security (id:210492) triggered by 77.91.79.104 (vpnforum.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:36:00.203204 2026] [security2:error] [pid 8655:tid 8655] [client 77.91.79.104:51566] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bvidisplay.com"] [uri "/.env"] [unique_id "akNx4AoPtIVm0aIYuZJpCgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 07:17:33
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 77.91.79.104 (vpnforum.ru): 1 in the last 300 s ...
show more
(mod_security) mod_security (id:210492) triggered by 77.91.79.104 (vpnforum.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:17:27.883640 2026] [security2:error] [pid 7073:tid 7073] [client 77.91.79.104:56500] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.meridianranchdrc.org"] [uri "/.env~"] [unique_id "akNth31bUdXDsUJk47wu5wAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Octopuce
2026-06-30 07:06:04
(1 day ago)
Aggressive web search of vulnerable pages: /config/.env /backend/.env /frontend/.env /api/.env /serv ...
show more
Aggressive web search of vulnerable pages: /config/.env /backend/.env /frontend/.env /api/.env /server/.env ...
show less
Web App Attack
๐ซ๐ท
masterguru
2026-06-30 07:03:45
(1 day ago)
Attempt to access a backup or working file. Pattern match "\\\\. (920500-197)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-30 06:53:49
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 77.91.79.104 (vpnforum.ru): 1 in the last 300 s ...
show more
(mod_security) mod_security (id:210492) triggered by 77.91.79.104 (vpnforum.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:53:42.795402 2026] [security2:error] [pid 25005:tid 25005] [client 77.91.79.104:48968] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tekrav.kuddlkat.com"] [uri "/.env.sample"] [unique_id "akNn9tqahnZArV44ik0o5wAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-06-30 06:24:50
(1 day ago)
Web attack/malicious scanning detected
Web App Attack
Anonymous
2026-06-30 06:01:24
(1 day ago)
Blocked by ModSec and CSF
Port Scan
Anonymous
2026-06-30 05:58:28
(1 day ago)
77.91.79.104 - - [30/Jun/2026:07:58:27 +0200] "GET /web/.env HTTP/1.1" 403 5440 "-" "Mozilla/5.0 (Wi ...
show more
77.91.79.104 - - [30/Jun/2026:07:58:27 +0200] "GET /web/.env HTTP/1.1" 403 5440 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
...
show less
Brute-Force
Web App Attack