๐ฑ๐ป
garmtech.com
2026-07-12 13:58:12
(10 hours ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 19:46:44
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 196.119.181.171 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 196.119.181.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 15:46:38.265257 2026] [security2:error] [pid 15873:tid 15873] [client 196.119.181.171:65064] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "freightmotivity.com"] [uri "/.env"] [unique_id "alFMHoF3pmazRORhSmeBjwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 19:29:14
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 196.119.181.171 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 196.119.181.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 15:29:09.265611 2026] [security2:error] [pid 25426:tid 25426] [client 196.119.181.171:58935] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flyingdodopublications.com"] [uri "/.env"] [unique_id "alFIBaLsFZKgw-yHovUlKAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-10 19:21:40
(2 days ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
๐ฉ๐ช
MusicLibrary
2026-07-10 19:18:06
(2 days ago)
Attempted access to sensitive configuration files (.env, .git, etc.)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 19:05:18
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 196.119.181.171 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 196.119.181.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 15:05:14.978112 2026] [security2:error] [pid 9500:tid 9500] [client 196.119.181.171:59915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fireflypov.com"] [uri "/.env"] [unique_id "alFCag_4kgjXpahnwoCt1gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 15:50:24
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 196.119.181.171 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 196.119.181.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 11:50:20.399792 2026] [security2:error] [pid 10329:tid 10329] [client 196.119.181.171:57834] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "feaverslane.com"] [uri "/.env"] [unique_id "alEUvC_vcbUm0cPczWT9ZgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-08 21:59:40
(4 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-07.
show less
Web App Attack
SSH
Hacking
๐ฉ๐ช
MusicLibrary
2026-07-08 15:39:51
(4 days ago)
Attempted access to sensitive configuration files (.env, .git, etc.)
Bad Web Bot
Web App Attack
๐ณ๐ด
jad-abuse
2026-07-08 15:03:13
(4 days ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. Observed by 1 sensor(s); 1 hits.
show less
Web App Attack
๐ซ๐ท
Baking333
2026-07-08 14:55:20
(4 days ago)
[redacted] 196.119.181.171 - - [08/Jul/2026:15:12:14 +0100] "GET /.env HTTP/1.1" 302 6793 0/67743 "- ...
show more
[redacted] 196.119.181.171 - - [08/Jul/2026:15:12:14 +0100] "GET /.env HTTP/1.1" 302 6793 0/67743 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" [redacted] 196.119.181.171 - - [08/Jul/2026:15:55:18 +0100] "GET /.env HTTP/1.1" 302 6778 0/61116 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
show less
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-08 14:35:31
(4 days ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-07 21:59:59
(5 days ago)
Auto-ban: >3000 req/min op 2026-07-07
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-07 16:28:20
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 196.119.181.171 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 196.119.181.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 12:28:17.282400 2026] [security2:error] [pid 23432:tid 23432] [client 196.119.181.171:64871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daveweisman.com"] [uri "/.env"] [unique_id "ak0pIVQEZuo2IqtylyxwvAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 16:18:12
(5 days ago)
196.119.181.171 - - [07/Jul/2026:16:18:11 +0000] "GET /.env HTTP/1.1" 301 570 "-" "Mozilla/5.0 (Maci ...
show more
196.119.181.171 - - [07/Jul/2026:16:18:11 +0000] "GET /.env HTTP/1.1" 301 570 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Brute-Force
Web App Attack