๐ฉ๐ช
iNetWorker
2026-07-05 17:47:45
(1 week ago)
trolling for resource vulnerabilities
Web App Attack
๐ฎ๐ช
AutosOnShow
2026-06-22 05:12:07
(3 weeks ago)
blocked for webapp attack | path requested: /.env | seen at 2026-06-22 05:11:45.447 |
Web App Attack
๐ฌ๐ช
nagazich
2026-06-15 09:55:00
(1 month ago)
Scanning and malicious activity. Looking for configs and env. Using url encoding like:
"search=% ...
show more
Scanning and malicious activity. Looking for configs and env. Using url encoding like:
"search=%27%3B+alert%28localStorage%29%3B+%2F%2F&q=%27%3B+alert%28localStorage%29%3B+%2F%2F&query=%27%3B+alert%28localStorage%29%3B+%2F%2F"
show less
Hacking
SQL Injection
๐บ๐ธ
www.winos.me
2026-01-12 17:37:15
(6 months ago)
Banned due to high error rate on HTTP/1.1 protocol
Brute-Force
Web App Attack
๐ฎ๐น
VHosting
2025-12-23 21:10:12
(6 months ago)
Detected attack and reported by a human
DDoS Attack
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2025-11-25 06:02:06
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 01:01:57.957043 2025] [security2:error] [pid 13309:tid 13309] [client 209.50.191.79:43365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.kinnen.org"] [uri "/.env"] [unique_id "aSVGVV4gDlImd4Z06q0VmgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 04:26:35
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:26:06.684063 2025] [security2:error] [pid 791962:tid 791962] [client 209.50.191.79:56421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.depcare.com"] [uri "/.env"] [unique_id "aSUv3lH3WcFJAO6lgMWpqgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 03:54:13
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:53:55.357714 2025] [security2:error] [pid 10932:tid 10932] [client 209.50.191.79:24097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.internationalservicetravel.com"] [uri "/.svn/wc.db"] [unique_id "aSUoU3q25dmlWak9RMye2wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 02:50:32
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:50:11.122916 2025] [security2:error] [pid 1647140:tid 1647182] [client 209.50.191.79:40305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.rodela.com"] [uri "/.env"] [unique_id "aSUZY8WdNO_bFaD03ZYrcAAAAMQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 00:58:19
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:58:01.538018 2025] [security2:error] [pid 16693:tid 16693] [client 209.50.191.79:23455] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.itsupitsdown.com"] [uri "/.svn/wc.db"] [unique_id "aST_GYQqb_sUk07MEE4ZvQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 00:03:26
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.191.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 19:03:18.728357 2025] [security2:error] [pid 32294:tid 32294] [client 209.50.191.79:39293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.garyoneal.com"] [uri "/.svn/wc.db"] [unique_id "aSTyRl-K3r8oXOaVMCad4AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack