๐บ๐ธ
TPI-Abuse
2026-06-30 09:42:47
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 05:42:43.547620 2026] [security2:error] [pid 18143:tid 18143] [client 161.35.206.222:46910] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boardinjapan.com.smogsandiego.com"] [uri "/.env.development"] [unique_id "akOPkzLi4TeaQDMkq5616wAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
rubixstudios
2026-06-30 09:10:02
(2 days ago)
Excessive HTTP requests consistent with automated attack behaviour detected by Imunify360
DDoS Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 08:40:32
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:40:27.048373 2026] [security2:error] [pid 13208:tid 13208] [client 161.35.206.222:58240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aquatech-ind.com"] [uri "/.env.development"] [unique_id "akOA-x6bm27pJ1cAkG_iPAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
paissangroup
2026-06-30 08:30:44
(3 days ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 08:00:18
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:00:11.785877 2026] [security2:error] [pid 3195:tid 3195] [client 161.35.206.222:47758] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meghanmack.com"] [uri "/.env.vault"] [unique_id "akN3iw1Wkkuk26_3tHYjcQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 07:16:02
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:15:58.702364 2026] [security2:error] [pid 2492:tid 2492] [client 161.35.206.222:53304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.meridianranchdrc.org"] [uri "/.env.production"] [unique_id "akNtLt-uS2kESIT4lSCFoQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
daveoctober
2026-06-30 07:14:27
(3 days ago)
October Sentinel: honeypot triggered
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:58:50
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:58:47.225190 2026] [security2:error] [pid 17131:tid 17131] [client 161.35.206.222:52152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clubfansite.com"] [uri "/public/.env"] [unique_id "akNpJ7Y-N9AMd9rqvmIT4QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:43:22
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:43:17.878864 2026] [security2:error] [pid 1948:tid 1948] [client 161.35.206.222:42454] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mobileonlinecasinos.co"] [uri "/storage/framework/.env"] [unique_id "akNlhbvLg8u-BxUJ5GcQtQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:08:49
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:08:42.864936 2026] [security2:error] [pid 18963:tid 18963] [client 161.35.206.222:44058] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mainescentsecrets.com"] [uri "/temp/.env"] [unique_id "akNdaj_h-jb2hILicZXC6wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Axel
2026-06-30 05:53:37
(3 days ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.test.lo ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.test.local Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐จ๐ญ
4server
2026-06-30 05:37:22
(3 days ago)
[TueJun3007:37:16.7368282026][security2:error][pid1963674:tid1963814][client161.35.206.222:0]ModSecu ...
show more
[TueJun3007:37:16.7368282026][security2:error][pid1963674:tid1963814][client161.35.206.222:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"server-privato.com\"][uri\"/src/.env\"][unique_id\"akNWDDRr5u68S-QKYwxKIwAAAJg\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 01:23:52
(3 days ago)
(mod_security) mod_security (id:210730) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 161.35.206.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 21:23:47.443910 2026] [security2:error] [pid 9758:tid 9758] [client 161.35.206.222:36106] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||muzenique.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "muzenique.com"] [uri "/root/.config/gcloud/credentials.db"] [unique_id "akMao69eYZU8ibWwyxSDCgAAACs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
kumiko
2026-06-29 21:44:50
(3 days ago)
[2026-06-30 00:44:49] Probing for dotfiles
"GET /.streamlit/secrets.toml HTTP/1.1" 403
Bad Web Bot
Web App Attack
๐บ๐ธ
Rip
2026-06-29 10:23:15
(3 days ago)
Restricted File Access Attempts
Port Scan
Web App Attack