Anonymous
2026-06-04 06:02:00
(1 month ago)
Flood url /.env
Bad Web Bot
Web App Attack
Hacking
πΊπΈ
OceanTreasure
2026-05-31 00:20:06
(1 month ago)
tcp/80; /.env* dotfile probe (R21): "GET /.env" @ 2026-05-31T00:17:22Z
Web App Attack
π¨π±
SinaiCL
2026-05-30 20:27:57
(1 month ago)
Automated Nginx block. Attack type: Scan for config files. Total malicious requests: 1 across multip ...
show more
Automated Nginx block. Attack type: Scan for config files. Total malicious requests: 1 across multiple servers.
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-05-29 05:34:31
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 01:34:23.847559 2026] [security2:error] [pid 13439:tid 13439] [client 102.98.76.232:57214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "inspiraciongaleria.com"] [uri "/.env"] [unique_id "ahklX4foVvFc26jrhSQS6gAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-29 04:20:22
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 00:20:14.486580 2026] [security2:error] [pid 28843:tid 28843] [client 102.98.76.232:61954] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "konahawaiihandyman.com"] [uri "/.env"] [unique_id "ahkT_mkZEpxp8f8eBSqfHgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-05-29 03:05:30
(1 month ago)
Scanning/Probing (32)
Brute-Force
Web App Attack
π±π»
garmtech.com
2026-05-29 01:28:41
(1 month ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-28 23:53:21
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 19:53:16.680965 2026] [security2:error] [pid 29340:tid 29340] [client 102.98.76.232:50796] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "unityhealthpharmaceutical.com"] [uri "/.env"] [unique_id "ahjVbO2OzAaHg7Y2ZMsSfwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-28 23:24:56
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 19:24:50.712854 2026] [security2:error] [pid 11397:tid 11397] [client 102.98.76.232:52598] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eatcakecup.com"] [uri "/.env"] [unique_id "ahjOwrreN-SD9_I897q2MwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-28 22:05:46
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 18:05:42.075108 2026] [security2:error] [pid 10724:tid 10724] [client 102.98.76.232:50091] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "klingandi.com"] [uri "/.env"] [unique_id "ahi8NlXCDtzQhYuLita9KwAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-28 14:32:03
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 10:31:57.496355 2026] [security2:error] [pid 17421:tid 17426] [client 102.98.76.232:49565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barkdullit.com"] [uri "/.env"] [unique_id "ahhR3f5gye54ByH4Yy61EwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-28 13:00:29
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 09:00:23.701727 2026] [security2:error] [pid 18005:tid 18005] [client 102.98.76.232:60973] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rajabarber.com"] [uri "/.env"] [unique_id "ahg8Z1f7T7zdmuARSF_j-AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-28 11:50:56
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 07:50:51.487580 2026] [security2:error] [pid 26015:tid 26086] [client 102.98.76.232:64087] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mouawadarchitects.com"] [uri "/.env"] [unique_id "ahgsG-MkyFI1Kq8Si55MSQAAAMQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-28 09:27:04
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 05:26:57.846632 2026] [security2:error] [pid 23736:tid 23736] [client 102.98.76.232:54482] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "soglove.com"] [uri "/.env"] [unique_id "ahgKYRUHj5ULuVHNFsDPvQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-28 08:45:18
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 102.98.76.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 04:45:10.776648 2026] [security2:error] [pid 20804:tid 20836] [client 102.98.76.232:57248] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "universalpeacecongress.com"] [uri "/.env"] [unique_id "ahgAlsTsbEgykkalm1krgAAAANA"]
show less
Brute-Force
Bad Web Bot
Web App Attack