๐บ๐ธ
TPI-Abuse
2026-07-08 20:21:26
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 16:21:22.214377 2026] [security2:error] [pid 7594:tid 7594] [client 104.238.60.164:56058] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.154"] [uri "/.env"] [unique_id "ak6xQmPtZ1eTmnJDAb6B1QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 19:23:35
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:23:29.085952 2026] [security2:error] [pid 25943:tid 25943] [client 104.238.60.164:64589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.63"] [uri "/.env"] [unique_id "ak6jsb7Tq8h1473_4QbFFwAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 19:04:32
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:04:24.646329 2026] [security2:error] [pid 23783:tid 23783] [client 104.238.60.164:57596] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.37"] [uri "/.env"] [unique_id "ak6fOOwj_kG8ApUM3WRG9gAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 14:31:33
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 10:31:27.746150 2026] [security2:error] [pid 19022:tid 19022] [client 104.238.60.164:59952] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.189"] [uri "/.env"] [unique_id "akPTP99mX0vEAaCH6XwdhwAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 13:30:37
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 09:30:24.777751 2026] [security2:error] [pid 21064:tid 21064] [client 104.238.60.164:52398] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.99"] [uri "/.env"] [unique_id "akPE8J-_wrnLHJZmC1pJkQAAAEA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 13:11:08
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 09:11:01.100317 2026] [security2:error] [pid 5736:tid 5736] [client 104.238.60.164:61098] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.70"] [uri "/.env"] [unique_id "akPAZbnq78sV8SJ66UU66AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 09:21:51
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:21:43.947414 2026] [security2:error] [pid 23309:tid 23309] [client 104.238.60.164:56928] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.181"] [uri "/.env"] [unique_id "akI5JyO4y4TeywVivAWvIgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 08:24:31
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:24:24.544237 2026] [security2:error] [pid 29345:tid 29440] [client 104.238.60.164:62642] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.79"] [uri "/.env"] [unique_id "akIruGuUKQ0wFFTaO2i9ogAAAQc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 08:05:22
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:05:17.219638 2026] [security2:error] [pid 18022:tid 18022] [client 104.238.60.164:53606] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.45"] [uri "/.env"] [unique_id "akInPQwOjVlPz57ZZLD-QQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 16:41:23
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 12:41:15.585475 2026] [security2:error] [pid 17938:tid 17938] [client 104.238.60.164:64141] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.176"] [uri "/.env"] [unique_id "aj_9K6IYksaPbCqWlbCTLwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 16:12:06
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 12:11:59.358993 2026] [security2:error] [pid 23865:tid 23884] [client 104.238.60.164:50024] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.123"] [uri "/.env"] [unique_id "aj_2TxQl_TtI7nFaTpLvBwAAAYs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 15:02:36
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.238.60.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 11:02:30.128674 2026] [security2:error] [pid 25897:tid 25897] [client 104.238.60.164:51079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.4"] [uri "/.env"] [unique_id "aj_mBq1a-JcvvxCpleIzXwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ช
AutosOnShow
2026-06-21 06:03:05
(2 weeks ago)
blocked for webapp attack | path requested: /.env | seen at 2026-06-21 06:02:14.913 |
Web App Attack
๐ง๐ท
opastorello
2026-06-14 00:34:03
(4 weeks ago)
Unsolicited inbound connection attempt / port scan detected by perimeter firewall. Automated report.
Port Scan
๐ฉ๐ช
Mykola Spesivtsev
2026-06-13 10:31:30
(4 weeks ago)
HTTP Tarpit detected bot activity:TargetPort:80, Path:/.env, Method:GET, UA:Mozilla/5.0 (X11; Linux ...
show more
HTTP Tarpit detected bot activity:TargetPort:80, Path:/.env, Method:GET, UA:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/5
show less
Port Scan
Web App Attack
Bad Web Bot