๐บ๐ธ
TPI-Abuse
2026-07-14 05:36:08
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.ne ...
show more
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 01:36:03.328467 2026] [security2:error] [pid 30974:tid 30974] [client 72.167.36.89:54577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.eastmansmainecraft.com"] [uri "/.env"] [unique_id "alXKw7g41wDv9yNpxizbQAAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 03:46:22
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.ne ...
show more
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 23:46:17.017768 2026] [security2:error] [pid 31896:tid 31896] [client 72.167.36.89:53329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.garyandthegroove.com"] [uri "/.env"] [unique_id "alWxCY2tIFrBKuzqBQEJBQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 03:01:46
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.ne ...
show more
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 23:01:42.549196 2026] [security2:error] [pid 27095:tid 27095] [client 72.167.36.89:64404] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aquanauticsige.com"] [uri "/.env"] [unique_id "alWmlkjK1t0YEEaURlbjzQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 01:34:04
(6 hours ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, GET /index.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 01:12:28
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.ne ...
show more
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 21:12:25.468751 2026] [security2:error] [pid 13876:tid 13876] [client 72.167.36.89:57562] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.moonlightmotel.com"] [uri "/.env"] [unique_id "alWM-TNe29bcCF1ME8TJewAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-07-14 01:05:12
(7 hours ago)
Abuse Detected (90)
Brute-Force
Web App Attack
๐ท๐บ
DZBOT
2026-07-14 01:03:59
(7 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-14 00:37:32
(7 hours ago)
Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.
Web App Attack
๐ฉ๐ช
Phenix Info
2026-07-14 00:14:22
(8 hours ago)
SmallGuard.fr/Prestashop Forbidden Ext.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 23:55:55
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.ne ...
show more
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 19:55:52.400635 2026] [security2:error] [pid 2497:tid 2497] [client 72.167.36.89:61569] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "westonfamily.org"] [uri "/.env"] [unique_id "alV7CFeiiHzzvlcTefJySQAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
chronos
2026-07-13 23:43:18
(8 hours ago)
[AUTORAVALT][[13/07/2026 - 20:43:17 -03:00 UTC]
Attack from [GoDaddy.com, LLC]
[72.167.36.89][89.36. ...
show more
[AUTORAVALT][[13/07/2026 - 20:43:17 -03:00 UTC]
Attack from [GoDaddy.com, LLC]
[72.167.36.89][89.36.167.72.host.secureserver.net]
Action: BLocKed
Hacking... Unauthorized attempts to access the server.
Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAd]
...
show less
Hacking
Web App Attack
๐ง๐ช
cmbplf
2026-07-13 23:20:00
(8 hours ago)
176 requests with url.path *.env
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-13 23:17:24
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.ne ...
show more
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 19:17:21.290309 2026] [security2:error] [pid 18584:tid 18584] [client 72.167.36.89:56756] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.theledman.com"] [uri "/.env"] [unique_id "alVyAe4YouSNcVc9EERECgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-07-13 23:05:07
(9 hours ago)
Abuse Detected (75)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 22:49:36
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.ne ...
show more
(mod_security) mod_security (id:210492) triggered by 72.167.36.89 (89.36.167.72.host.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 18:49:29.083448 2026] [security2:error] [pid 12462:tid 12462] [client 72.167.36.89:57337] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.behrooz.org"] [uri "/.env"] [unique_id "alVreVq-5tdyJcoLIJWaGgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack