๐ฉ๐ช
FeG Deutschland
2026-07-04 16:37:04
(4 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 127
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 04:25:23
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 104.194.206.225 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.194.206.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:25:18.721071 2026] [security2:error] [pid 16580:tid 16580] [client 104.194.206.225:20339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "empoweruohio.org"] [uri "/.env.staging"] [unique_id "akiLLlmY_Br1N8yHrB57QQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
SilverZippo
2026-07-03 09:44:18
(5 days ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 21:44:40
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 104.194.206.225 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.194.206.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 17:44:35.467861 2026] [security2:error] [pid 21169:tid 21169] [client 104.194.206.225:65209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "commonbridges.org"] [uri "/.env"] [unique_id "akbbw1nI8gdh7qQOesJ3XgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Octopuce
2026-07-02 04:15:06
(6 days ago)
Aggressive web search of vulnerable pages: /.env /.env.local /wp-json/ /wp-config.php /docker-compos ...
show more
Aggressive web search of vulnerable pages: /.env /.env.local /wp-json/ /wp-config.php /docker-compose.yml /docker-compose.override.yml /config. ...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 02:46:26
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 104.194.206.225 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.194.206.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 22:46:19.410476 2026] [security2:error] [pid 9385:tid 9385] [client 104.194.206.225:1523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "certifiedfarmersmarkets.org"] [uri "/.env"] [unique_id "akXQ-5wO4_w4YF7-pbsF7gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
huginet
2026-07-02 02:28:36
(6 days ago)
104.194.206.225 - - [02/Jul/2026:04:28:22 +0200] "GET /.env.development HTTP/1.1" 403 32175 "-" "Moz ...
show more
104.194.206.225 - - [02/Jul/2026:04:28:22 +0200] "GET /.env.development HTTP/1.1" 403 32175 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
104.194.206.225 - - [02/Jul/2026:04:28:35 +0200] "GET /.npmrc HTTP/1.1" 403 32175 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
...
show less
Web Spam
Web App Attack
Anonymous
2026-07-01 22:55:05
(6 days ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
brightenfield
2026-07-01 18:15:35
(1 week ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 03:20:44
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 104.194.206.225 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 104.194.206.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 23:20:37.605373 2026] [security2:error] [pid 8930:tid 8930] [client 104.194.206.225:18189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "biblestudentfiles.org"] [uri "/.env"] [unique_id "akSHhYcA_Fl2ASfZRu07CgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack