๐ฎ๐ณ
evicky2002
2026-07-15 06:00:00
(15 hours ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
๐ณ๐ฑ
e.fierstra
2026-07-15 05:25:04
(15 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 05:21:39
(15 hours ago)
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2026-07-15 04:59:33
(16 hours ago)
Probing websites for vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 02:28:20
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 172.86.113.218 (218.113.86.172.static.cloudzy.c ...
show more
(mod_security) mod_security (id:210492) triggered by 172.86.113.218 (218.113.86.172.static.cloudzy.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 22:28:14.143375 2026] [security2:error] [pid 4011:tid 4082] [client 172.86.113.218:53934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geekshop.com"] [uri "/.env"] [unique_id "albwPtO0Wuiq8vnwBh3KRAAAAQU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 01:31:22
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 172.86.113.218 (218.113.86.172.static.cloudzy.c ...
show more
(mod_security) mod_security (id:210492) triggered by 172.86.113.218 (218.113.86.172.static.cloudzy.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 21:31:15.917855 2026] [security2:error] [pid 29723:tid 29723] [client 172.86.113.218:50366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "petermunka.com"] [uri "/.env"] [unique_id "albi41VaqCb6PBaYrJu1iAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-15 01:03:33
(20 hours ago)
Try to access /.env
Web App Attack
๐บ๐ธ
infra-monitor
2026-07-15 01:00:04
(20 hours ago)
Automated ban via infra-monitor: suspicious-probe
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-15 00:56:34
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 172.86.113.218 (218.113.86.172.static.cloudzy.c ...
show more
(mod_security) mod_security (id:210492) triggered by 172.86.113.218 (218.113.86.172.static.cloudzy.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 20:56:27.363457 2026] [security2:error] [pid 10774:tid 10774] [client 172.86.113.218:52436] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "multilize.com"] [uri "/.env"] [unique_id "albau0g9OmbZOPdYsb5UmwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-15 00:05:33
(21 hours ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-14 22:56:53
(22 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
RH5
2026-07-14 22:04:27
(23 hours ago)
Restricted URL probing (/.env) (UTC 2026-07-14 22:04)
Web App Attack
๐จ๐ฟ
ddw
2026-07-14 22:04:16
(23 hours ago)
ModSecurity detection - Rules: 930130(Restricted File Access Attempt)
Web App Attack
๐จ๐ญ
4server
2026-07-14 21:53:10
(23 hours ago)
[TueJul1423:53:02.0753142026][security2:error][pid488975:tid489213][client172.86.113.218:0]ModSecuri ...
show more
[TueJul1423:53:02.0753142026][security2:error][pid488975:tid489213][client172.86.113.218:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"4host.biz\"][uri\"/.env\"][unique_id\"alavvn2iTfGbTWcb2-u1dQAAAQY\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 21:45:50
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 172.86.113.218 (218.113.86.172.static.cloudzy.c ...
show more
(mod_security) mod_security (id:210492) triggered by 172.86.113.218 (218.113.86.172.static.cloudzy.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 17:45:42.789934 2026] [security2:error] [pid 18514:tid 18514] [client 172.86.113.218:51360] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "restaurantehaowey.com"] [uri "/.env"] [unique_id "alauBjw71qI1OUTFl2pEIAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack