π¦πΊ
screwlooseit.com.au
2026-05-06 06:54:09
(1 month ago)
Blocked by CSF 13 firewall - Rule: US/United States/-
Web App Attack
π±π»
garmtech.com
2026-05-01 13:53:07
(1 month ago)
IM360 WAF: Laravel .env file access
Web App Attack
π«π·
COMAITE
2026-03-21 19:23:47
(2 months ago)
SQL injection attempt from 104.207.63.188.
Web App Attack
πΊπΈ
mnsf
2026-02-16 00:05:42
(4 months ago)
Scanning/Probing (23)
Brute-Force
Web App Attack
π¬π§
consul.to
2026-02-15 12:49:43
(4 months ago)
Web attack/malicious scanning detected
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 12:07:16
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:07:13.369082 2026] [security2:error] [pid 1212714:tid 1212714] [client 104.207.63.188:10041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "techspertnet.com"] [uri "/api/.git/config"] [unique_id "aZG28bve7kkxr1JARUgUBgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 11:45:14
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:45:07.008116 2026] [security2:error] [pid 20526:tid 20526] [client 104.207.63.188:21673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thorhauer.com"] [uri "/new/.git/config"] [unique_id "aZGxwzs_HygVbFOqLfuk1wAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 11:18:22
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 06:18:18.537833 2026] [security2:error] [pid 1825783:tid 1825783] [client 104.207.63.188:26749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thetheaterathollywoodandvine.com"] [uri "/admin/.git/config"] [unique_id "aZGrehwnMuIuZCw0teLHmAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 06:44:33
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 01:44:28.476590 2026] [security2:error] [pid 24844:tid 24844] [client 104.207.63.188:10881] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "takemehomedogrescue.org"] [uri "/.env.local"] [unique_id "aZFrTC7vny7d9uVAo8OOWQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
openstrike.co.uk
2026-02-15 06:13:22
(4 months ago)
13 attacks on env grabbing URLs, password grabbing URLs, VC URLs:
GET /config/.env HTTP/1.1
GET /.aw ...
show more
13 attacks on env grabbing URLs, password grabbing URLs, VC URLs:
GET /config/.env HTTP/1.1
GET /.aws/credentials HTTP/1.1
GET /api/.git/config HTTP/1.1
show less
Hacking
π³π±
jjnxpct
2026-02-15 04:48:34
(4 months ago)
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ...
show more
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /frontend/.env (Rule ID: 930130) - Restricted File Access Attempt
show less
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 04:14:46
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:14:36.124473 2026] [security2:error] [pid 26090:tid 26090] [client 104.207.63.188:37217] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stpetersplayers.co.uk"] [uri "/backup/.git/config"] [unique_id "aZFILCmne8AK5f2G5VxMFQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 03:14:45
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:14:40.144346 2026] [security2:error] [pid 4945:tid 4945] [client 104.207.63.188:26577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stantontownship.org"] [uri "/.env.staging"] [unique_id "aZE6INq3AiK3m60bQr0FWgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-15 00:40:35
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:40:27.898716 2026] [security2:error] [pid 184123:tid 184244] [client 104.207.63.188:60219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "movetodc.com"] [uri "/app/.git/config"] [unique_id "aZEV-4Mh4IJV0omYQjNWUwAAAkk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-14 23:29:07
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.63.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:29:02.388938 2026] [security2:error] [pid 17712:tid 17712] [client 104.207.63.188:55625] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "llew.life"] [uri "/.env.production"] [unique_id "aZEFPvQNpEFeYWQWrWeU4wAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack