Anonymous
2026-07-17 14:10:01
(1 hour ago)
| [Dangerous/China] Aggressive IP 59.36.169.198 (~30 hits). Type: DoS Defender- Web server 400 error ...
show more
| [Dangerous/China] Aggressive IP 59.36.169.198 (~30 hits). Type: DoS Defender- Web server 400 error code
show less
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-17 12:45:06
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 08:44:59.653180 2026] [security2:error] [pid 11435:tid 11435] [client 59.36.169.198:38772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "renperfco.com"] [uri "/.env.tmp"] [unique_id "alojy-9o7RnO6V9O3-eY5wAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
breubit
2026-07-17 09:09:06
(6 hours ago)
59.36.169.198 - - [17/Jul/2026:11:09:05 +0200] "GET /storage/framework/.env HTTP/1.1" 403 4467 "-" " ...
show more
59.36.169.198 - - [17/Jul/2026:11:09:05 +0200] "GET /storage/framework/.env HTTP/1.1" 403 4467 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 03:32:24
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:32:21.251247 2026] [security2:error] [pid 23073:tid 23073] [client 59.36.169.198:53984] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "underraided.com"] [uri "/.env.staging"] [unique_id "almiRWiXiwy7wKdFJBz7gwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 02:54:06
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 22:53:58.220387 2026] [security2:error] [pid 24264:tid 24337] [client 59.36.169.198:52231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "honorac.com"] [uri "/.env.production.local"] [unique_id "almZRj9k8T8vvy_YhO8JDwAAAgU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 01:09:44
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:09:35.815583 2026] [security2:error] [pid 47106:tid 47106] [client 59.36.169.198:42817] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jodstar.com"] [uri "/.env.dev"] [unique_id "almAz2-PEWQxf6KXxt8yQgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
myintarweb
2026-07-17 00:57:10
(15 hours ago)
59.36.169.198 - - [17/Jul/2026:01:57:10 +0100] 443 "GET /.env.prod HTTP/1.1" 301 7016 "-" "Mozilla/5 ...
show more
59.36.169.198 - - [17/Jul/2026:01:57:10 +0100] 443 "GET /.env.prod HTTP/1.1" 301 7016 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
...
show less
Hacking
Bad Web Bot
Web App Attack
๐ญ๐บ
bcsaba
2026-07-16 22:06:59
(17 hours ago)
Looking for json file on web server
59.36.169.198 - - [17/Jul/2026:00:06:57 +0200] "GET /env.json HT ...
show more
Looking for json file on web server
59.36.169.198 - - [17/Jul/2026:00:06:57 +0200] "GET /env.json HTTP/1.1" 404 1491 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
show less
Web App Attack
๐จ๐ญ
4server
2026-07-16 21:56:10
(18 hours ago)
[ThuJul1623:56:05.5474512026][security2:error][pid1488260:tid1488324][client59.36.169.198:0]ModSecur ...
show more
[ThuJul1623:56:05.5474512026][security2:error][pid1488260:tid1488324][client59.36.169.198:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"aidweb.ch.81-17-25-250.cpanel.site\"][uri\"/var/.env\"][unique_id\"allTdYJBWFOjSw8azlaFbQAAAAo\"]
show less
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-07-16 21:06:30
(18 hours ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:07:38
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:07:30.068622 2026] [security2:error] [pid 20890:tid 20890] [client 59.36.169.198:45794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wailthelifeofbudpowell.budpowellbio.com"] [uri "/web/.env"] [unique_id "alk6AmgxRpxk7Sb0Y-s_ngAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:48:03
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:47:59.782687 2026] [security2:error] [pid 396400:tid 396400] [client 59.36.169.198:49254] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fcc.robotrodeo.net"] [uri "/.env.development"] [unique_id "alk1b5mJqruqhwIwTDSgkwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:25:46
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:25:38.951615 2026] [security2:error] [pid 13127:tid 13127] [client 59.36.169.198:53158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ontrek.com"] [uri "/.env.dist"] [unique_id "alkwMk1sywawL-Jg0E9kTQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:26:27
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:26:14.831736 2026] [security2:error] [pid 32350:tid 32350] [client 59.36.169.198:52050] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bennoyes.com.arsenaultartistmanagement.com"] [uri "/.env.production"] [unique_id "alkUNu6xhpIObjlE9R-9vwAAADk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:04:58
(22 hours ago)
(mod_security) mod_security (id:210730) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 59.36.169.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:04:33.959523 2026] [security2:error] [pid 2393:tid 2393] [client 59.36.169.198:59753] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||cuddliesforkids.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cuddliesforkids.com"] [uri "/config/master.key"] [unique_id "alkPIagf1dn8WepxcDUGwgAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack