๐ง๐ท
Halux
2026-07-17 17:49:07
(10 hours ago)
59.36.87.119 Probing protected path or service
Web App Attack
๐ท๐บ
DZBOT
2026-07-17 09:47:49
(18 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:47:11
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:47:04.966465 2026] [security2:error] [pid 407029:tid 407029] [client 59.36.87.119:56529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mangamaster.hongkonger.org"] [uri "/.env.development"] [unique_id "alnd-K7B1Hq5P2EQ2QJ1cQAAAC0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 06:32:41
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:32:36.300377 2026] [security2:error] [pid 16493:tid 16493] [client 59.36.87.119:36692] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "isaacsonpaintings.com"] [uri "/.env.dev"] [unique_id "alnMhDrcC3gxJidP54EfdAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-17 04:26:47
(23 hours ago)
Bloqueado automaticamente por CrowdSec escenario crowdsecurity/http-sensitive-files
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-17 03:10:12
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:10:08.711422 2026] [security2:error] [pid 154222:tid 154222] [client 59.36.87.119:53819] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "easyweb-publishing.com"] [uri "/app/.env"] [unique_id "almdECl4si6w-niPVjxEWwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-07-17 02:02:46
(1 day ago)
CrowdSec: crowdsecurity/http-sensitive-files | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWe ...
show more
CrowdSec: crowdsecurity/http-sensitive-files | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love;
show less
Hacking
๐ฉ๐ช
ger-stg-sifi1
2026-07-17 01:47:36
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 01:45:53
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:45:48.859099 2026] [security2:error] [pid 25358:tid 25358] [client 59.36.87.119:59736] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cs4kids.org.jacksonpropertyrentals.com"] [uri "/.env.production.local"] [unique_id "almJTB7fDkiebVhoPyllSAAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ญ๐บ
bcsaba
2026-07-17 01:30:46
(1 day ago)
Probing for .env file:
59.36.87.119 - - [17/Jul/2026:03:29:08 +0200] "GET /.env.vault HTTP/1.1" 403 ...
show more
Probing for .env file:
59.36.87.119 - - [17/Jul/2026:03:29:08 +0200] "GET /.env.vault HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 01:10:49
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:10:42.819856 2026] [security2:error] [pid 50914:tid 50914] [client 59.36.87.119:42656] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jodstar.com"] [uri "/.env.development.local"] [unique_id "almBEo-c7J3F0FkOj1nFNwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
myintarweb
2026-07-17 01:01:03
(1 day ago)
59.36.87.119 - - [17/Jul/2026:02:01:02 +0100] 443 "GET /config/app.php HTTP/1.1" 301 7026 "-" "Mozil ...
show more
59.36.87.119 - - [17/Jul/2026:02:01:02 +0100] 443 "GET /config/app.php HTTP/1.1" 301 7026 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
...
show less
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 00:41:03
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 59.36.87.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:40:59.845405 2026] [security2:error] [pid 39955:tid 39955] [client 59.36.87.119:52014] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.waypoint-solutions.us"] [uri "/.env.bak"] [unique_id "all6Gx-v9B4v7htD2C_1TgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
mediarama.com
2026-07-16 22:41:14
(1 day ago)
Banned by Fail2Ban
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-16 22:32:18
(1 day ago)
Try to access /.env
Web App Attack