๐บ๐ธ
TPI-Abuse
2026-07-17 10:05:22
(15 minutes ago)
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 06:05:16.556866 2026] [security2:error] [pid 23385:tid 23385] [client 59.36.82.239:51875] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mail-rfinder.com.suffolksystems.com"] [uri "/client/.env"] [unique_id "aln-XJaOnDGfVgINkBwvwAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-17 09:50:02
(31 minutes ago)
| [Dangerous/China] Aggressive IP 59.36.82.239 (~30 hits). Type: DoS Defender- Web server 400 error ...
show more
| [Dangerous/China] Aggressive IP 59.36.82.239 (~30 hits). Type: DoS Defender- Web server 400 error code
show less
Web App Attack
Hacking
SQL Injection
๐ง๐ช
sid3windr
2026-07-17 09:40:21
(40 minutes ago)
GET /config/production.json (Tarpitted for 4m22s, wasted 15.47kB)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 09:31:05
(50 minutes ago)
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 05:30:58.223995 2026] [security2:error] [pid 27555:tid 27555] [client 59.36.82.239:37952] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darrinlauritzen.com"] [uri "/.env.production"] [unique_id "aln2Ug4wTazG0zbR9RYQSAAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:48:01
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:47:55.969560 2026] [security2:error] [pid 406968:tid 406968] [client 59.36.82.239:48601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ppcspetsitting.com"] [uri "/.env.bak"] [unique_id "alneK0uRTNvHUVMpU0EllAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 02:59:27
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 22:59:19.346239 2026] [security2:error] [pid 28642:tid 28642] [client 59.36.82.239:39460] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stoneageartifacts.com"] [uri "/src/.env"] [unique_id "almahx7-URvTUVkuLzDhkgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 21:52:24
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 17:52:20.359316 2026] [security2:error] [pid 533424:tid 533424] [client 59.36.82.239:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.dentguyvt.com"] [uri "/.env.local"] [unique_id "allSlK6cV44N3PM8XX4fegAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-16 21:47:35
(12 hours ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
todix
2026-07-16 21:34:23
(12 hours ago)
Web App Attack Exploid from 59.36.82.239
Web App Attack
๐บ๐ธ
Starburst SysOp Team
2026-07-16 21:07:39
(13 hours ago)
(mod_security-custom) mod_security (id:210492) triggered by 59.36.82.239 (CN/China/Guangdong/Guangzh ...
show more
(mod_security-custom) mod_security (id:210492) triggered by 59.36.82.239 (CN/China/Guangdong/Guangzhou/-/[AS4134 CHINANET-BACKBONE No.31,Jin-rong Street]): 1 in the last 3600 secs (0-srv1)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 20:23:32
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:23:25.365945 2026] [security2:error] [pid 9159:tid 9181] [client 59.36.82.239:48553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zoomtexas.com"] [uri "/.env.tmp"] [unique_id "alk9ve-AMu3aDfsKm9oDiQAAAJE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:08:15
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:05:11.473158 2026] [security2:error] [pid 20890:tid 20890] [client 59.36.82.239:39278] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bosch.pamplonaserviciotecnico.com"] [uri "/.env.development"] [unique_id "alk5d2gxRpxk7Sb0Y-s_bQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
gadix
2026-07-16 20:07:04
(14 hours ago)
[16/Jul/2026:22:07:03.722214 +0200] alk5527uSV_Wa1kxaJex9wAAAJA 59.36.82.239 42760 127.0.0.1 7081
[1 ...
show more
[16/Jul/2026:22:07:03.722214 +0200] alk5527uSV_Wa1kxaJex9wAAAJA 59.36.82.239 42760 127.0.0.1 7081
[16/Jul/2026:22:07:04.140754 +0200] alk56PeohLI8yLp6tsGgvQAAAEo 59.36.82.239 42766 127.0.0.1 7081
[16/Jul/2026:22:07:04.559756 +0200] alk56PeohLI8yLp6tsGgvgAAAEg 59.36.82.239 42782 127.0.0.1 7081
...
show less
Web App Attack
๐ฎ๐น
VHosting
2026-07-16 19:55:03
(14 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:48:12
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.82.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:48:06.899612 2026] [security2:error] [pid 11462:tid 11462] [client 59.36.82.239:43003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.yt.grancanariaholidays.com"] [uri "/app/.env"] [unique_id "alknZm2IDtQtd2UVgOVixAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack