๐ฉ๐ช
IVski
2026-07-16 16:08:38
(3 hours ago)
IVski WAF | Sensitive file probe detected - looking for .env
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:43:07
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.74.89 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.74.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:42:58.958025 2026] [security2:error] [pid 11452:tid 11452] [client 59.36.74.89:44487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peakagronomysolutions.com"] [uri "/.env.production"] [unique_id "alj8AollLMsfcTSbmoYwRQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 14:57:49
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.74.89 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.74.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 10:57:44.921389 2026] [security2:error] [pid 11547:tid 11547] [client 59.36.74.89:45050] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.new.angelabcomics.com"] [uri "/.env.staging"] [unique_id "aljxaJ8JzpYKW2ys7css6wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-26 22:03:02
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking
๐ณ๐ฑ
homeshowdomain.nl
2026-06-25 22:02:00
(2 weeks ago)
Auto-ban: >3000 req/min op 2026-06-25
Web App Attack
SSH
Hacking
๐จ๐ญ
flaus
2026-06-25 21:37:41
(2 weeks ago)
$f2bV_matches
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 08:23:52
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 59.36.74.89 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.74.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 04:23:33.035734 2026] [security2:error] [pid 25210:tid 25210] [client 59.36.74.89:58316] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.vespaitaliancafe.com"] [uri "/.env.dev"] [unique_id "ajzlhVCJe_p8zN8JHADrKAAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ญ๐บ
bcsaba
2026-06-25 07:54:40
(3 weeks ago)
Probing for .env file:
59.36.74.89 - - [25/Jun/2026:09:54:32 +0200] "GET /.env HTTP/1.1" 403 548 "-" ...
show more
Probing for .env file:
59.36.74.89 - - [25/Jun/2026:09:54:32 +0200] "GET /.env HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
show less
Web App Attack