๐ฒ๐พ
Rizzy
2026-07-16 19:01:15
(39 minutes ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:58:14
(42 minutes ago)
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:57:10.131329 2026] [security2:error] [pid 22819:tid 22819] [client 36.111.69.64:52761] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naomipyle.com"] [uri "/.env.dist"] [unique_id "alkphmNwqj2uY7qDJljduwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:49:53
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:49:45.153628 2026] [security2:error] [pid 25603:tid 25603] [client 36.111.69.64:33911] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drhoss.com"] [uri "/src/.env"] [unique_id "alkZuUag4zLM5nB8vEbP7AAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:27:09
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:27:00.501221 2026] [security2:error] [pid 2255:tid 2255] [client 36.111.69.64:34950] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "exploratorymusic.net"] [uri "/.env"] [unique_id "alkUZOd58fHjp-X9dWn0TwAAADk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:09:42
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:09:38.579884 2026] [security2:error] [pid 8254:tid 8254] [client 36.111.69.64:37197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puduspoems.com"] [uri "/.env"] [unique_id "alkQUruJx3baZ9BTAP-34QAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:48:15
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:42:09.464232 2026] [security2:error] [pid 16088:tid 16088] [client 36.111.69.64:53238] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "networkmediasoftware.com"] [uri "/.env.old"] [unique_id "alkJ4WRUtwoqu2HRS0wVqQAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:15:46
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:14:22.623282 2026] [security2:error] [pid 30079:tid 30079] [client 36.111.69.64:55156] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "angelonearth.net"] [uri "/config/.env"] [unique_id "alj1TiY9pU_Ze9btJP5_2gAAADo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 08:44:07
(2 weeks ago)
Bot / scanning and/or hacking attempts: GET /.env.production HTTP/1.1, GET /.env.dev HTTP/1.1, GET / ...
show more
Bot / scanning and/or hacking attempts: GET /.env.production HTTP/1.1, GET /.env.dev HTTP/1.1, GET /.env.development HTTP/1.1, GET /.env.staging HTTP/1.1, GET /.env.test HTTP/1.1, GET /.env.prod HTTP/1.1
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 16:59:47
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.111.69.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 12:59:39.212588 2026] [security2:error] [pid 25364:tid 25364] [client 36.111.69.64:33910] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "texascottagebakers.com"] [uri "/.env"] [unique_id "akABe3Chh65qKdGZaNAmFgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-26 22:03:46
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
mnsf
2026-06-26 10:05:41
(2 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐จ๐ญ
flaus
2026-06-25 21:37:02
(2 weeks ago)
$f2bV_matches
Hacking
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-25 10:12:35
(3 weeks ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack