๐บ๐ธ
TPI-Abuse
2026-07-16 18:26:19
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:26:13.780203 2026] [security2:error] [pid 1448:tid 1448] [client 114.96.80.159:43669] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kristasrecoverycoaching.com.kildarafarms.com"] [uri "/.env.local"] [unique_id "alkiRZVR3K_AGzWcbbnuDAAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:42:08
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:42:03.416551 2026] [security2:error] [pid 13234:tid 13287] [client 114.96.80.159:56066] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ioqm.com"] [uri "/.env"] [unique_id "alkX62JsOKpnnDkB0xUo2gAAARI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:49:32
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:49:21.666443 2026] [security2:error] [pid 8321:tid 8321] [client 114.96.80.159:48960] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jcrluthier.com"] [uri "/.env"] [unique_id "alkLkeRmLUmHEDeFj7Rc5wAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-16 15:30:07
(4 hours ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:17:18
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:17:12.641014 2026] [security2:error] [pid 13329:tid 13329] [client 114.96.80.159:53772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stradcompetition.finestringinstruments.com"] [uri "/config/.env"] [unique_id "alj1-HXfmSK2YbW7hNP9WgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WellSpring
2026-07-02 00:33:12
(2 weeks ago)
env leak on 336.today/backend/.env โ WellSpr.ing/NetSentinel civic-AI security layer
Web App Attack
๐บ๐ธ
jfz-abuse
2026-07-01 19:35:28
(2 weeks ago)
fail2ban: apache-filepath-recon
...
Web App Attack
๐ฎ๐น
Progetto1
2026-07-01 06:25:03
(2 weeks ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 16:13:59
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 12:13:55.334139 2026] [security2:error] [pid 18862:tid 18862] [client 114.96.80.159:36149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pnp42.com.grancanariaholidays.com"] [uri "/src/.env"] [unique_id "akPrQ2Y9j8NZeYVz1MzxnQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 08:39:06
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:39:02.720360 2026] [security2:error] [pid 23697:tid 23697] [client 114.96.80.159:37629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "randomgroovemusic.com"] [uri "/.env~"] [unique_id "akOApt0dDoy31VajXEVc2QAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:43:36
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 114.96.80.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:43:29.528794 2026] [security2:error] [pid 16505:tid 16541] [client 114.96.80.159:35064] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.playerintro.beckmon.com"] [uri "/.env~"] [unique_id "akNlkUBt4UJBpYoLmI4XGwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
sajmon0011
2026-06-30 00:37:29
(2 weeks ago)
114.96.80.159 - - [30/Jun/2026:02:37:29 +0200] "GET /config/master.key HTTP/1.1" 404 196 "-" "Mozill ...
show more
114.96.80.159 - - [30/Jun/2026:02:37:29 +0200] "GET /config/master.key HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
...
show less
Web App Attack
๐บ๐ธ
Rocky Mountain Bioengineering Symposium
2026-06-29 07:20:31
(2 weeks ago)
[Mon Jun 29 01:19:36.544522 2026] [authz_core:error] [pid 153207:tid 140605267105344] [client 114.96 ...
show more
[Mon Jun 29 01:19:36.544522 2026] [authz_core:error] [pid 153207:tid 140605267105344] [client 114.96.80.159:46395] AH01630: client denied by server configuration: /var/www/horde/config/.env
[Mon Jun 29 01:20:29.109469 2026] [authz_core:error] [pid 153472:tid 140606626068032] [client 114.96.80.159:37035] AH01630: client denied by server configuration: /var/www/horde/config/secrets.yml
[Mon Jun 29 01:20:30.373157 2026] [authz_core:error] [pid 153472:tid 140605585864256] [client 114.96.80.159:37035] AH01630: client denied by server configuration: /var/www/horde/config/master.key
...
show less
Bad Web Bot
Anonymous
2026-06-28 07:07:02
(2 weeks ago)
Automated web scanner. Requested suspicious paths: /.env. UTC: 2026-06-28 06:34:33.
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-26 22:03:17
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking