π¨π
zynex
2026-07-16 19:56:09
(58 minutes ago)
URL Probing: /web/.env
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 19:55:52
(58 minutes ago)
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:55:47.926732 2026] [security2:error] [pid 8293:tid 8293] [client 8.217.54.124:60114] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "luxurymicrobikini.com"] [uri "/.env.production.local"] [unique_id "alk3Q7vne66vlklFBPfC3AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
IVski
2026-07-16 18:57:32
(1 hour ago)
IVski WAF | Sensitive file probe detected - looking for .env
Port Scan
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 18:52:24
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:48:00.702984 2026] [security2:error] [pid 30193:tid 30193] [client 8.217.54.124:23049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.shop.kleens-uk.com"] [uri "/.env~"] [unique_id "alknYI6u_21RxEHAzabGnQAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 18:24:11
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:24:05.189567 2026] [security2:error] [pid 7176:tid 7176] [client 8.217.54.124:62475] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gsrsv.org"] [uri "/.env.bak"] [unique_id "alkhxU9CZ_hvgRzT49OwYwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 17:43:58
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:43:51.086295 2026] [security2:error] [pid 21499:tid 21499] [client 8.217.54.124:51438] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "monogay.org"] [uri "/tmp/.env"] [unique_id "alkYVywUo7m8v7KZ5ipt2QAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-07-16 17:28:01
(3 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 17:21:21
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:21:14.998891 2026] [security2:error] [pid 3341:tid 3341] [client 8.217.54.124:33508] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "industrialovens.us.daveweisman.com"] [uri "/private/.env"] [unique_id "alkTCkA6hGV68d9GeTNIiAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 17:05:11
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:05:07.287242 2026] [security2:error] [pid 26646:tid 26646] [client 8.217.54.124:54398] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lifebooksource.teamspiro.com"] [uri "/public/.env"] [unique_id "alkPQ01moq7pYJvB2Ot8oAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 16:46:46
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:42:10.141682 2026] [security2:error] [pid 15961:tid 15961] [client 8.217.54.124:21341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "americanexportimport.com"] [uri "/.env.save"] [unique_id "alkJ4ql_AmH5wN6xwtC4qAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 16:03:37
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:03:31.060443 2026] [security2:error] [pid 29373:tid 29373] [client 8.217.54.124:30412] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.museum.henning.org"] [uri "/.env.test"] [unique_id "alkA0-5ONcXfTiMqjNUv_wAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 15:42:28
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:42:21.044353 2026] [security2:error] [pid 7078:tid 7078] [client 8.217.54.124:50763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.test.twilighthackers.com"] [uri "/.env.prod"] [unique_id "alj73Y_8JWpRXz8fiBf0dQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 15:18:52
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.217.54.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:17:05.900709 2026] [security2:error] [pid 2547:tid 2547] [client 8.217.54.124:19629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pcsyportatiles.com"] [uri "/.env.sample"] [unique_id "alj18ZluAwAG9IFYK5zUfwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack