๐บ๐ธ
TPI-Abuse
2026-07-17 14:35:50
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 10:35:45.724687 2026] [security2:error] [pid 2783:tid 2783] [client 8.218.38.219:33340] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "idahouspsa.com"] [uri "/.env"] [unique_id "alo9wUTpp8gtqGtv_5f_JQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 11:19:31
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 07:19:26.363799 2026] [security2:error] [pid 19902:tid 19902] [client 8.218.38.219:53718] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teamgravity.ca"] [uri "/.env"] [unique_id "aloPvpgC0kX7TrgQKW0YwwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
raph
2026-07-17 08:54:43
(1 day ago)
[DOT FILES] crawler *.env*, .git*, .config*, etc.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:53:56
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:53:50.549105 2026] [security2:error] [pid 414135:tid 414135] [client 8.218.38.219:38582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "armstrongpartnersllc.com.ssl-grp.com"] [uri "/.env.bak"] [unique_id "alnfjjy2ga5m7TYObhy5igAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-17 04:30:08
(1 day ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 03:07:55
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:07:46.729274 2026] [security2:error] [pid 15672:tid 15672] [client 8.218.38.219:43534] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sprek.net.sprektech.com"] [uri "/.env.dev"] [unique_id "almcgu6FAvPvbzEBlBgkjgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฟ๐ฆ
conure
2026-07-17 02:52:32
(1 day ago)
csagent: score 20.0: secrets grab x2; 1 domain(s) in 0s
Web App Attack
๐ง๐พ
lns.bz
2026-07-16 23:10:51
(1 day ago)
Too many 404 requests [BY]
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-16 22:59:32
(1 day ago)
Try to access /app/.env
Web App Attack
Anonymous
2026-07-16 20:19:43
(1 day ago)
Multiple web server 400 error codes from same source ip
Web App Attack
Anonymous
2026-07-16 19:50:06
(1 day ago)
| [Dangerous/Hong Kong] Aggressive IP 8.218.38.219 (~30 hits). Type: DoS Defender- Web server 400 er ...
show more
| [Dangerous/Hong Kong] Aggressive IP 8.218.38.219 (~30 hits). Type: DoS Defender- Web server 400 error code
show less
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-16 18:58:05
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:56:36.471026 2026] [security2:error] [pid 19889:tid 19889] [client 8.218.38.219:39808] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jaglady.com"] [uri "/.env.dev"] [unique_id "alkpZAPp7nAnGY8ZGKZUwQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:13:25
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:13:21.904428 2026] [security2:error] [pid 30163:tid 30163] [client 8.218.38.219:40110] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kraftrealestate.kraftrentals.com"] [uri "/.env.development.local"] [unique_id "alkfQbdeNEY8qgfXHsGlGgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:46:34
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:46:30.053483 2026] [security2:error] [pid 17787:tid 17787] [client 8.218.38.219:48738] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gfsprod.com"] [uri "/.env"] [unique_id "alkY9rwlz8WgIeExCCETCwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:30:34
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.218.38.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:30:20.435244 2026] [security2:error] [pid 5291:tid 5291] [client 8.218.38.219:39158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ispeakmusic.com"] [uri "/.env.development"] [unique_id "alkVLJYslti4_21egzh1ZgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack