๐ซ๐ท
dynamix
2026-06-30 09:05:20
(1 week ago)
Multiple WAF Violations
Web App Attack
๐ฉ๐ช
itsolon
2026-06-30 08:53:21
(1 week ago)
[30/Jun/2026:10:53:05 +0200] 178280958515.130164 223.247.186.137 57766 217.154.7.177 443
[30/Jun/202 ...
show more
[30/Jun/2026:10:53:05 +0200] 178280958515.130164 223.247.186.137 57766 217.154.7.177 443
[30/Jun/2026:10:53:07 +0200] 178280958756.573090 223.247.186.137 57766 217.154.7.177 443
[30/Jun/2026:10:53:07 +0200] 178280958790.575350 223.247.186.137 57766 217.154.7.177 443
[30/Jun/2026:10:53:20 +0200] 178280960072.444000 223.247.186.137 57766 217.154.7.177 443
[30/Jun/2026:10:53:21 +0200] 178280960133.680104 223.247.186.137 57766 217.154.7.177 443
...
show less
Port Scan
Hacking
Brute-Force
Web App Attack
๐ง๐พ
lns.bz
2026-06-30 08:01:21
(1 week ago)
Too many 404 requests [BY]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 07:51:29
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 223.247.186.137 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 223.247.186.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:51:25.181213 2026] [security2:error] [pid 14774:tid 14774] [client 223.247.186.137:43681] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.fasllc.rooksfamily.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fasllc.rooksfamily.com"] [uri "/config/master.key"] [unique_id "akN1fRNIN3KzILWYgYjTUgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 07:06:02
(1 week ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=134
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-30 07:03:43
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 223.247.186.137 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 223.247.186.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:03:36.610943 2026] [security2:error] [pid 17000:tid 17000] [client 223.247.186.137:37627] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tommckee.tunabay.com"] [uri "/.env.test"] [unique_id "akNqSNQOPISuMpXTFgJLwwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:41:42
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 223.247.186.137 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 223.247.186.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:41:37.794776 2026] [security2:error] [pid 30961:tid 30961] [client 223.247.186.137:54980] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mobileonlinecasinos.co"] [uri "/backup/.env"] [unique_id "akNlIbg0YEUhVfMrBEG7-gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
zynex
2026-06-30 06:26:37
(1 week ago)
URL Probing: /web/.env
Web App Attack
๐ฌ๐ง
consul.to
2026-06-30 06:25:19
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
๐ฌ๐ง
Swiptly
2026-06-30 06:25:04
(1 week ago)
Bot scanning for environment files .env .env/\*
...
Web App Attack
Anonymous
2026-06-30 06:00:54
(1 week ago)
Blocked by ModSec and CSF
Port Scan
๐จ๐ญ
4server
2026-06-30 05:36:07
(1 week ago)
[TueJun3007:36:01.4559102026][security2:error][pid1964206:tid1964254][client223.247.186.137:0]ModSec ...
show more
[TueJun3007:36:01.4559102026][security2:error][pid1964206:tid1964254][client223.247.186.137:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"server-privato.ch\"][uri\"/.env\"][unique_id\"akNVwUcQjPjNU0WGkfS69wAAAQo\"]
show less
Hacking
Web App Attack
๐ซ๐ฎ
kumiko
2026-06-29 21:40:54
(1 week ago)
[2026-06-30 00:40:45] Probing for dotfiles
"GET /old/.env HTTP/1.1" 301
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-28 21:57:55
(2 weeks ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env.local
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-26 22:02:51
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking