Anonymous
2026-07-02 04:52:50
(4 days ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 06:18:32
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 02:18:25.076921 2026] [security2:error] [pid 21860:tid 21860] [client 104.23.253.68:10288] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fastrealestatemedia.com"] [uri "/.env.old"] [unique_id "ajTfMfp7jsDcMyOqnSxfvQAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-04 02:10:36
(1 month ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
Anonymous
2026-05-17 05:31:14
(1 month ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
Anonymous
2026-04-27 09:41:49
(2 months ago)
Fail2Ban php-url-fopen
Hacking
Web App Attack
๐ฉ๐ช
abdubhai
2026-04-09 21:03:56
(2 months ago)
104.23.253.68 - - [10/Apr/2026:0
...
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-04 16:57:42
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 12:57:35.661206 2026] [security2:error] [pid 2499:tid 2499] [client 104.23.253.68:13205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.teenybikinigirls.com"] [uri "/.env.staging"] [unique_id "adFC_6ptwyvLTw_hBAT8_AAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-03-22 01:06:11
(3 months ago)
Scanning/Probing (22)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 03:51:00
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 23:50:55.726454 2026] [security2:error] [pid 13401:tid 13401] [client 104.23.253.68:12148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.holistichealth4u2.com"] [uri "/.env.dist"] [unique_id "ab4VnyaF44CEnKAi-yiGJgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-03-21 00:20:51
(3 months ago)
Scanning/Probing (17)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 23:59:54
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 19:59:49.912297 2026] [security2:error] [pid 5270:tid 5270] [client 104.23.253.68:9888] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fatcavestudios.fatcavemedia.com"] [uri "/.env.php"] [unique_id "ab3fdWd892e9LAhmIf1E0gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 09:15:51
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 05:15:44.914075 2026] [security2:error] [pid 9258:tid 9258] [client 104.23.253.68:10964] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cartilla.aguasolar.com"] [uri "/server/.env"] [unique_id "ab0QQFIl97sT9ylAyBnBPgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 07:16:59
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 03:16:55.309493 2026] [security2:error] [pid 2165:tid 2165] [client 104.23.253.68:9655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.aemcmullin.com"] [uri "/admin/.env"] [unique_id "abz0Z_XjxNzpNq_mXUvz2QAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 04:37:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 00:36:58.307143 2026] [security2:error] [pid 10364:tid 10364] [client 104.23.253.68:9834] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.designamb.com"] [uri "/.env.json"] [unique_id "abzO6jm-SIqPUIJg4LinAgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 04:11:44
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 00:11:40.335549 2026] [security2:error] [pid 29871:tid 29871] [client 104.23.253.68:13895] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.flanav1.yankeetownfishing.com"] [uri "/root/.env"] [unique_id "abzI_LuOq1eg-XX9Vi4ckwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack