๐ฒ๐ฝ
octageeks.com
2026-07-18 04:13:04
(12 hours ago)
Wordpress malicious attack:[octablocked]
Web App Attack
๐ฌ๐ง
consul.to
2026-07-17 17:00:58
(23 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐ฉ๐ช
tsZero
2026-07-17 14:22:37
(1 day ago)
Scan example: path=/app/.env status=403
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 13:21:25
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 09:21:21.611216 2026] [security2:error] [pid 1006400:tid 1006419] [client 36.40.70.190:58489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "okorganicgardening.org"] [uri "/.env.production"] [unique_id "alosUYMFr7SCvbCswx3ZwwAAANE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 12:47:47
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 08:47:39.353475 2026] [security2:error] [pid 27789:tid 27789] [client 36.40.70.190:53273] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "service.alccontractorsllc.com"] [uri "/.env.development"] [unique_id "alokayJaj98bR8fdsntewQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 11:48:30
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 07:48:27.319498 2026] [security2:error] [pid 11385:tid 11385] [client 36.40.70.190:38770] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuzzyecho.com"] [uri "/.env"] [unique_id "aloWiy9JfiYdagfLTgSzngAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 10:51:00
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 06:50:56.395508 2026] [security2:error] [pid 3901537:tid 3901537] [client 36.40.70.190:49341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "20dekopas.com"] [uri "/server/.env"] [unique_id "aloJEF5roTu9af1WuaJO_AAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 09:10:26
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 05:10:01.272572 2026] [security2:error] [pid 4119:tid 4119] [client 36.40.70.190:33450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kennethandsharon.stardancertantra.com"] [uri "/.env.test"] [unique_id "alnxaV4vu2nVniAFTW33oQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:52:09
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:52:05.561965 2026] [security2:error] [pid 20273:tid 20273] [client 36.40.70.190:60680] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fusteriafontane.casademunt.com"] [uri "/.env.prod"] [unique_id "alntNXGRQ7QMkxw-7NtOeAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Gwyneth Llewelyn
2026-07-17 08:51:07
(1 day ago)
2026/07/17 09:50:57 [error] 2483228#2483228: *1802429 access forbidden by rule, client: 36.40.70.190 ...
show more
2026/07/17 09:50:57 [error] 2483228#2483228: *1802429 access forbidden by rule, client: 36.40.70.190, server: silvana-moreira-portfolio.zonadetestes.com, request: "GET /app/.env HTTP/2.0", host: "silvana-moreira-portfolio.zonadetestes.com"
2026/07/17 09:51:01 [error] 2483228#2483228: *1802424 access forbidden by rule, client: 36.40.70.190, server: silvana-moreira-portfolio.zonadetestes.com, request: "GET /src/.env HTTP/2.0", host: "silvana-moreira-portfolio.zonadetestes.com"
2026/07/17 09:51:03 [error] 2483228#2483228: *1802485 access forbidden by rule, client: 36.40.70.190, server: silvana-moreira-portfolio.zonadetestes.com, request: "GET /config/.env HTTP/2.0", host: "silvana-moreira-portfolio.zonadetestes.com"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:29:35
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:29:28.078370 2026] [security2:error] [pid 514106:tid 514106] [client 36.40.70.190:53427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "valuerec.com"] [uri "/.env.production"] [unique_id "alnn6L4q3vQE6iyZYGlZnwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:39:38
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:39:30.886700 2026] [security2:error] [pid 614070:tid 614070] [client 36.40.70.190:36197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.davidsonmanagement.net"] [uri "/.env~"] [unique_id "alncMqzED2jXOwG5bVcesQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
djboddington
2026-07-17 07:08:55
(1 day ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐ฎ๐ณ
evicky2002
2026-07-17 06:00:00
(1 day ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-17 05:58:38
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 36.40.70.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 01:58:32.842806 2026] [security2:error] [pid 385370:tid 385500] [client 36.40.70.190:40415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.accreditedprojectmanager.com.aafm.us"] [uri "/.env"] [unique_id "alnEiCdrjqGzfOTOjLEcegAAAk4"]
show less
Brute-Force
Bad Web Bot
Web App Attack