๐บ๐ธ
TPI-Abuse
2026-07-03 02:28:53
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 22:28:46.121046 2026] [security2:error] [pid 15914:tid 15914] [client 104.219.238.153:53716] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "borzoi-pedigree.batw.net"] [uri "/.env"] [unique_id "akceXlptqPlINxLmYBiqeQAAACs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
ptlab
2026-07-03 00:45:02
(5 days ago)
Detected env_leak attack from WP-host.
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 23:46:50
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 19:46:41.831407 2026] [security2:error] [pid 24684:tid 24684] [client 104.219.238.153:61963] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.virginiatouchatruck.com"] [uri "/.env"] [unique_id "akb4YV_0CtRyG03-Q1L8owAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 22:35:03
(5 days ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/2.0
Hacking
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-02 21:48:30
(5 days ago)
[Fri Jul 03 07:48:28.874655 2026] [security2:error] [pid 582893] [client 104.219.238.153:60148] [cli ...
show more
[Fri Jul 03 07:48:28.874655 2026] [security2:error] [pid 582893] [client 104.219.238.153:60148] [client 104.219.238.153] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.id.au"] [uri "/.env"] [unique_id "akbcrF78qVvl_8A5L2uhBwAAAA4"]
...
show less
Web App Attack
๐ณ๐ฑ
enpepet
2026-07-02 18:58:14
(6 days ago)
GENERAL: parametres: [url:env=] UA:Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, lik ...
show more
GENERAL: parametres: [url:env=] UA:Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.7632.26 Mobile Safari/537.36 URL:/.env
show less
Port Scan
Hacking
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-02 18:52:04
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 14:52:00.435288 2026] [security2:error] [pid 24656:tid 24656] [client 104.219.238.153:52095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tulsatvmemories.com"] [uri "/.env"] [unique_id "akazULhSgEIuC6NIyx1JigAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 18:03:22
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 14:03:17.325702 2026] [security2:error] [pid 17175:tid 17175] [client 104.219.238.153:55201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vzan.org"] [uri "/.env"] [unique_id "akan5XP3anyi45U4U2Ad9AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 17:30:11
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 13:29:57.788795 2026] [security2:error] [pid 29811:tid 29811] [client 104.219.238.153:62283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.register-yacht-croatia.com"] [uri "/.env"] [unique_id "akagFbQL8gzdt5ijRyXdEQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-07-02 15:24:29
(6 days ago)
vulnerability scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 15:20:39
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:20:35.795371 2026] [security2:error] [pid 12880:tid 12880] [client 104.219.238.153:53445] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.player-care.com"] [uri "/.env"] [unique_id "akaBwwQfx5qh7QTwJ6ILXAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
voormedia
2026-07-02 14:22:42
(6 days ago)
Accessed trap at '/.env'
Web App Attack
๐ฎ๐ช
Jim Keir
2026-07-02 13:44:35
(6 days ago)
2026-07-02 13:44:34 104.219.238.153 File scanning, blocking 104.219.238.153 for 5 minutes
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-02 12:47:33
(6 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 12:05:58
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 104.219.238.153 (ip-104-219-238-153.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 08:05:55.302556 2026] [security2:error] [pid 16255:tid 16255] [client 104.219.238.153:51417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vitalitywebb.com"] [uri "/.env"] [unique_id "akZUI75N0xSKyvE4KTVf0QAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack