Anonymous
2026-04-05 11:10:02
(2 months ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 10:30:40
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 06:30:36.648265 2026] [security2:error] [pid 13698:tid 13698] [client 181.215.182.179:61836] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chandlerowen.com"] [uri "/.env"] [unique_id "adI5zPuhvYJmzkUcllGPRQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-04-05 10:25:09
(2 months ago)
Try to access /.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 10:08:28
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 06:08:23.094911 2026] [security2:error] [pid 30183:tid 30183] [client 181.215.182.179:47637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.linnardfinancial.com"] [uri "/.env"] [unique_id "adI0l8WzRBKkHI3Up0F0hQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 07:57:50
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 03:57:44.829496 2026] [security2:error] [pid 15256:tid 15256] [client 181.215.182.179:48500] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.landeagle.com"] [uri "/.env"] [unique_id "adIV-Fa2fPU_SOfUE-_MrgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-04-05 07:51:23
(2 months ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
interbiznw.com
2026-04-05 07:47:13
(2 months ago)
malicious-web-requests-vulnerability-scanning
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ช๐ธ
masterguru
2026-04-05 07:40:57
(2 months ago)
. Matched phrase "/.env" at REQUEST_URI. (210492-123)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 07:25:39
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 03:25:34.073499 2026] [security2:error] [pid 26119:tid 26119] [client 181.215.182.179:8295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gpahomeinspections.com"] [uri "/.env"] [unique_id "adIObnxl1ieIH4ELSt5xlQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-04-05 03:28:55
(2 months ago)
1.186 requests with url.path *.env
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-04-05 02:34:40
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 22:34:34.503675 2026] [security2:error] [pid 29653:tid 29653] [client 181.215.182.179:47410] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dismain.com"] [uri "/tienda/.env"] [unique_id "adHKOqQ3ClbYfcQ8Bdf35AAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 02:18:51
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 181.215.182.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 22:18:47.526295 2026] [security2:error] [pid 1253:tid 1253] [client 181.215.182.179:6959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.haverhillhouse.com"] [uri "/.env"] [unique_id "adHGh0ZkP9ArQbuBgl5XtAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-05 02:05:27
(2 months ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=6
Hacking
๐จ๐ญ
teamsecure
2026-04-05 01:40:09
(2 months ago)
Banned for trying to access env
Web App Attack
๐บ๐ธ
Matthew Ping
2026-04-05 01:30:02
(2 months ago)
ModSecurity rule 949110 triggered on wp2. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking