๐จ๐ญ
TheCoon
2026-07-18 03:30:01
(18 hours ago)
Automated: Credential theft attempt - JSON bomb served
Web App Attack
Hacking
๐ณ๐ฑ
homeshowdomain.nl
2026-07-17 22:03:52
(23 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-16.
show less
Web App Attack
SSH
Hacking
๐ฉ๐ช
LRob
2026-07-17 16:03:52
(1 day ago)
CrowdSec: crowdsecurity/http-sensitive-files | req: /.env.production.local | 5 distinct paths | UA: ...
show more
CrowdSec: crowdsecurity/http-sensitive-files | req: /.env.production.local | 5 distinct paths | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love;
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 15:34:04
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 11:33:57.126180 2026] [security2:error] [pid 31940:tid 31940] [client 59.36.78.10:35244] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jjhfamily.com"] [uri "/.env.production"] [unique_id "alpLZfqBW45xtMTTwIwjNAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 14:34:16
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 10:34:10.852313 2026] [security2:error] [pid 6935:tid 6935] [client 59.36.78.10:56394] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.countrywoodworking.net.bandsolution.net"] [uri "/.env.production"] [unique_id "alo9Yjoqbl7CL9UMjI_GVgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 13:44:51
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 09:44:46.199186 2026] [security2:error] [pid 7982:tid 7982] [client 59.36.78.10:51522] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drjaymissdiana.com"] [uri "/.env"] [unique_id "aloxzlkbCBeP01KezL21gAAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 12:47:22
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 08:47:15.889554 2026] [security2:error] [pid 27801:tid 27801] [client 59.36.78.10:38060] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "service.alccontractorsllc.com"] [uri "/.env"] [unique_id "alokU_62g5nXzgQrxUZmbAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 11:16:02
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 07:15:57.301758 2026] [security2:error] [pid 6845:tid 6983] [client 59.36.78.10:42860] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marinkovich.co"] [uri "/.env.prod"] [unique_id "aloO7Y51-eXH1Mwfbh1QhAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 10:08:31
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 06:08:26.632999 2026] [security2:error] [pid 16443:tid 16443] [client 59.36.78.10:34235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "touchmypython.bwill.dev"] [uri "/.env.dev"] [unique_id "aln_GnMpNu373uX07wWbJQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:51:50
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:51:44.600879 2026] [security2:error] [pid 20219:tid 20219] [client 59.36.78.10:43012] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fusteriafontane.casademunt.com"] [uri "/.env.development"] [unique_id "alntIAO0M3InVVL9G26RYgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:46:57
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:46:53.052454 2026] [security2:error] [pid 436311:tid 436311] [client 59.36.78.10:45630] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clinicacero.com"] [uri "/.env"] [unique_id "alnd7aL4eLVBNGnCryjG-AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 06:08:13
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:08:08.692396 2026] [security2:error] [pid 23159:tid 23159] [client 59.36.78.10:36277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flugstadcom.xn--lyngr-yua.net"] [uri "/.env.backup"] [unique_id "alnGyCmA2fYnJJpDgBq1SAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-17 05:05:46
(1 day ago)
Blocked by CSF 13 firewall - Rule: config-dotfile
CN/China/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 04:43:39
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.78.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 00:43:32.241383 2026] [security2:error] [pid 240384:tid 240384] [client 59.36.78.10:34395] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.coiledtubingdrilling.com.antech.net"] [uri "/.env.prod"] [unique_id "almy9DdMdfjLVc5PZLgnjwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
ALPHANET
2026-07-17 03:49:57
(1 day ago)
web exploits
Hacking
Exploited Host
Web App Attack