๐บ๐ธ
TPI-Abuse
2026-07-03 04:03:38
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:03:31.140907 2026] [security2:error] [pid 8830:tid 8855] [client 103.127.242.43:33924] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fastesttrademark.com"] [uri "/.env"] [unique_id "akc0k4iJTCLJNmjaP0ZszwAAANY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Darki1962
2026-07-02 18:45:01
(20 hours ago)
11 hits, proto=tcp, ports=443
Port Scan
Hacking
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-02 14:47:47
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 10:47:39.543364 2026] [security2:error] [pid 23224:tid 23224] [client 103.127.242.43:47568] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.efsews.com.arsndetx.com"] [uri "/.env"] [unique_id "akZ6C_Rb3XgTUBnlnBS_5QAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-02 13:57:25
(1 day ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 16:48:54
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 12:48:48.096388 2026] [security2:error] [pid 2470:tid 2470] [client 103.127.242.43:33022] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web50.dnchosting.com"] [uri "/.env"] [unique_id "akVE8Drb8iwg1z6tQMkQ3wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 09:45:16
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 05:45:08.620973 2026] [security2:error] [pid 6520:tid 6520] [client 103.127.242.43:53612] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jonraycreations.com"] [uri "/.env.local"] [unique_id "akThpOHcRnslzyBj0B0gNAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2026-06-30 21:40:29
(2 days ago)
15 attempts against mh-modsecurity-ban on cmdb
Brute-Force
Web App Attack
๐ฉ๐ช
SwinT
2026-06-30 21:00:08
(2 days ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐ฉ๐ช
filstal.org
2026-06-30 20:35:57
(2 days ago)
Web exploit or injection attempt blocked by ModSecurity WAF.
SQL Injection
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 19:21:58
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 15:21:53.126377 2026] [security2:error] [pid 24809:tid 24809] [client 103.127.242.43:58390] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ferrarapanfitness.com"] [uri "/.env.sample"] [unique_id "akQXUZICvfLaNV-KzyMOIQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
leo1305
2026-06-30 18:44:32
(2 days ago)
CrowdSec detection | scenario: http-sensitive-files
Web App Attack
Exploited Host
๐บ๐ธ
dtorrer
2026-06-30 17:43:27
(2 days ago)
General vulnerability scan.
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-30 14:00:52
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 103.127.242.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 10:00:05.097197 2026] [security2:error] [pid 23326:tid 23326] [client 103.127.242.43:45880] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.vitality-webb.com"] [uri "/.env"] [unique_id "akPL5UN0ZS9JqLXQ4PxPdAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-30 13:57:05
(3 days ago)
Try to access /.env
Web App Attack
๐บ๐ธ
Lee Daniel
2026-06-30 11:19:26
(3 days ago)
103.127.242.43 - - [30/Jun/2026:07:19:25 -0400] "GET /.env HTTP/1.1" 403 4827 "-" "Mozilla/5.0 (Wind ...
show more
103.127.242.43 - - [30/Jun/2026:07:19:25 -0400] "GET /.env HTTP/1.1" 403 4827 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack