Anonymous
2026-06-30 23:14:04
(1 day ago)
Bot / scanning and/or hacking attempts: GET /.env.staging HTTP/1.1, GET /.env.test HTTP/1.1, GET /.e ...
show more
Bot / scanning and/or hacking attempts: GET /.env.staging HTTP/1.1, GET /.env.test HTTP/1.1, GET /.env.backup HTTP/1.1, GET /.env.save HTTP/1.1, GET /.env.prod HTTP/1.1
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 21:56:12
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:56:06.927094 2026] [security2:error] [pid 7188:tid 7188] [client 223.240.122.27:45623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.presucad.com"] [uri "/.env.example"] [unique_id "akQ7dutQoU-N6tJJaNyTvwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 21:08:07
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:08:01.123061 2026] [security2:error] [pid 18774:tid 18782] [client 223.240.122.27:41027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lisabees.net"] [uri "/.env"] [unique_id "akQwMeIBqoGKW6U_6nK97AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-06-30 19:24:59
(1 day ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 19:19:52
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 15:19:49.529511 2026] [security2:error] [pid 19910:tid 19910] [client 223.240.122.27:42785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "smsindustries.com"] [uri "/.env.prod"] [unique_id "akQW1SY_b8H8-TB-_trJXwAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 18:46:53
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 14:46:49.381500 2026] [security2:error] [pid 24342:tid 24345] [client 223.240.122.27:60201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peoplewithai.bertdecoutere.name"] [uri "/.env.bak"] [unique_id "akQPGccGxBDASH7IXCQnCQAAAUA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
paissangroup
2026-06-30 17:47:10
(1 day ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 16:47:08
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 12:47:03.262685 2026] [security2:error] [pid 20778:tid 20778] [client 223.240.122.27:34763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "willmarksynthetics.com"] [uri "/.env.test"] [unique_id "akPzByv5f3HuSZLaRRWMjgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
webadmin
2026-06-30 16:30:40
(1 day ago)
Web App Attack
Anonymous
2026-06-30 15:42:36
(1 day ago)
(caddyscan) Scanner path probe from 223.240.122.27 (CN/China/-): 5 in the last 3600 secs; Ports: *; ...
show more
(caddyscan) Scanner path probe from 223.240.122.27 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 223.240.122.27 - - [30/Jun/2026:15:41:40 +0000] "GET /.env.old HTTP/1.1"
[REDACTED] 200 2627 223.240.122.27 - - [30/Jun/2026:15:42:28 +0000] "GET /.env.production.local HTTP/1.1"
[REDACTED] 200 2627 223.240.122.27 - - [30/Jun/2026:15:42:28 +0000] "GET /.env.development.local HTTP/1.1"
[REDACTED] 200 2627 223.240.122.27 - - [30/Jun/2026:15:42:29 +0000] "GET /.env.test.local HTTP/1.1"
[REDACTED] 200 2627 223.240.122.27 - - [30/Jun/2026:15:42:32 +0000] "GET /app/.env HTTP/1.1"
show less
Port Scan
Anonymous
2026-06-30 14:40:02
(1 day ago)
suspicious request in access.log
Web App Attack
๐ซ๐ท
masterguru
2026-06-30 14:29:28
(1 day ago)
Too much 404 requests in 1 minute. 403, (46020-180)
Hacking
๐ซ๐ท
masterguru
2026-06-30 12:55:47
(1 day ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 12:15:31
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 223.240.122.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 08:15:23.502737 2026] [security2:error] [pid 20178:tid 20178] [client 223.240.122.27:56876] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.drillworkscr.com"] [uri "/laravel/.env"] [unique_id "akOzW3MgZMKUgeiep_JK_AAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
MPL
2026-06-30 12:06:46
(2 days ago)
tcp/443 (6 or more attempts)
Port Scan