๐ฉ๐ช
IVski
2026-07-16 16:08:11
(1 day ago)
IVski WAF | Sensitive file probe detected - looking for .env
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:40:39
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 121.11.100.221 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 121.11.100.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:39:21.929639 2026] [security2:error] [pid 23047:tid 23047] [client 121.11.100.221:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.wiszen.org"] [uri "/.env.local"] [unique_id "alj7KQvd_R2yORiwxFOlTgAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 14:52:48
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 121.11.100.221 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 121.11.100.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 10:51:59.146418 2026] [security2:error] [pid 29053:tid 29053] [client 121.11.100.221:48765] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.artinistanbul.pist.org.tr"] [uri "/.env.tmp"] [unique_id "aljwDyAcSmlnq_5jSFRwhwAAAC0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 14:29:14
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 121.11.100.221 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 121.11.100.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 10:29:06.766723 2026] [security2:error] [pid 22279:tid 22279] [client 121.11.100.221:58415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.hdeco.com"] [uri "/.env.sample"] [unique_id "akEvslIUDwv_Fz5CAl3huwAAACw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 05:34:25
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 121.11.100.221 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 121.11.100.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 01:34:17.066498 2026] [security2:error] [pid 26928:tid 27040] [client 121.11.100.221:43750] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.review.n2play.net"] [uri "/.env"] [unique_id "akCyWa_H08zRnSHX6UFRkAAAAkg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-26 22:02:23
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking
๐ณ๐ฑ
homeshowdomain.nl
2026-06-25 22:04:16
(3 weeks ago)
Auto-ban: >3000 req/min op 2026-06-25
Web App Attack
SSH
Hacking
๐จ๐ญ
flaus
2026-06-25 21:33:30
(3 weeks ago)
$f2bV_matches
Hacking
Bad Web Bot
Web App Attack