๐บ๐ธ
ArturShelby
2026-07-18 06:43:56
(1 day ago)
Critical file access: /.env
Web App Attack
๐บ๐ธ
dtorrer
2026-07-18 06:43:04
(1 day ago)
General vulnerability scan.
Port Scan
๐บ๐ธ
apislytics
2026-07-18 06:32:42
(1 day ago)
Automatic hard ban after repeated rate-limit abuse
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-18 06:22:44
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 02:22:39.708394 2026] [security2:error] [pid 26040:tid 26078] [client 209.87.164.224:46077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bmx3.de"] [uri "/.env"] [unique_id "alsbr61nPlY_IwfZfwZb_QAAAIU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-18 06:05:44
(1 day ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=8
Hacking
๐ฉ๐ช
MusicLibrary
2026-07-18 05:45:22
(1 day ago)
Attempted access to sensitive configuration files (.env, .git, etc.)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 05:35:18
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 01:35:12.037379 2026] [security2:error] [pid 3171:tid 3171] [client 209.87.164.224:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ard.global"] [uri "/.env"] [unique_id "alsQkH5BetpZ1f9O3Y0dOgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 05:16:21
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 01:16:13.651420 2026] [security2:error] [pid 1600150:tid 1600150] [client 209.87.164.224:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ccamp.dev"] [uri "/.env"] [unique_id "alsMHWs_cNU2yZ9ja2BhEgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 04:55:30
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 00:55:27.494686 2026] [security2:error] [pid 3393:tid 3393] [client 209.87.164.224:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caspina.com"] [uri "/.env"] [unique_id "alsHP25TfHCiooW-sRufVwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 04:20:19
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 00:20:15.297382 2026] [security2:error] [pid 134676:tid 134676] [client 209.87.164.224:38385] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chelseafootballprogrammes.com"] [uri "/.env"] [unique_id "alr-_3GI75745nqr9-oxBwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-18 04:13:25
(1 day ago)
2026/07/18 04:13:18 [error] 4721#4721: *27798 [client 209.87.164.224] ModSecurity: Access denied wit ...
show more
2026/07/18 04:13:18 [error] 4721#4721: *27798 [client 209.87.164.224] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/owasp-modsecurity-crs-4.11.0/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "222"] [id "949110"] [rev ""] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "0"] [ver "OWASP_CRS/4.28.0"] [maturity "0"] [accuracy "0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "aobandassociates.com"] [uri "/.env"] [unique_id "178434799892.239896"] [ref ""], client: 209.87.164.224, server: aobandassociates.com, request: "GET /.env HTTP/1.1", host: "aobandassociates.com"
2026/07/18 04:13:22 [error] 4721#4721: *27800 [client 209.87.164.224] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/owasp-modse
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-18 03:13:04
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 23:13:00.727546 2026] [security2:error] [pid 11388:tid 11388] [client 209.87.164.224:25585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clinegroupmarketplace.com"] [uri "/.env"] [unique_id "alrvPGen6MEuwTzTIScp2wAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-18 03:01:05
(1 day ago)
209.87.164.224 - - [18/Jul/2026:11:01:05 +0800] "GET /.env HTTP/1.1" 200 30682 "-" "Mozilla/5.0 (Mac ...
show more
209.87.164.224 - - [18/Jul/2026:11:01:05 +0800] "GET /.env HTTP/1.1" 200 30682 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 02:57:10
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.87.164.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 22:57:05.273497 2026] [security2:error] [pid 27499:tid 27499] [client 209.87.164.224:51459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "albertmassaad.com"] [uri "/.env"] [unique_id "alrrgVs9S4IV_JzuseDkggAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ISPLtd
2026-07-18 02:35:14
(1 day ago)
209.87.164.224 [17/Jul/2026:23:33:03 -0300] altenberg-ib.com:443 URL:/.env "GET /.env
209.87.164.224 ...
show more
209.87.164.224 [17/Jul/2026:23:33:03 -0300] altenberg-ib.com:443 URL:/.env "GET /.env
209.87.164.224 [17/Jul/2026:23:35:14 -0300] patientrm.com:443 URL:/.env "GET /.env
...
show less
Hacking
Web App Attack