๐บ๐ธ
TPI-Abuse
2026-07-15 20:52:38
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 16:52:32.947773 2026] [security2:error] [pid 8985:tid 8985] [client 104.23.187.13:10742] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.clowaterart.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.clowaterart.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "alfzEA-3uN7eA3MfrK4sygAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 20:31:53
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 16:31:45.184507 2026] [security2:error] [pid 5593:tid 5593] [client 104.23.187.13:12651] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.gp-cm.com|F|2"] [data "[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.gp-cm.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "alfuMSYfcHCTsHz1hkbV9gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 04:19:24
(2 weeks ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐จ๐ฆ
polycoda
2026-04-29 12:20:46
(2 months ago)
AutoBlock: ๐ฏ Vulnerability Scanner (Non Decay-Based)
Hacking
Web App Attack
๐จ๐ฆ
polycoda
2026-03-31 10:35:42
(3 months ago)
AutoBlock: ๐ฏ Vulnerability Scanner (Non Decay-Based)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 12:30:21
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 08:30:17.129013 2026] [security2:error] [pid 24919:tid 24919] [client 104.23.187.13:10584] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.dunnretired.com"] [uri "/srv/.env"] [unique_id "acps2ftVwQgqi9skodjA3gAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 07:52:08
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 03:52:05.160944 2026] [security2:error] [pid 20751:tid 20751] [client 104.23.187.13:13936] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "notforhirellc.com"] [uri "/www/.env"] [unique_id "abz8pfDdLbbJpW9mnVmekgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 06:58:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 02:58:07.720591 2026] [security2:error] [pid 23179:tid 23179] [client 104.23.187.13:10626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.assheton.com"] [uri "/.env_backup"] [unique_id "abzv_1FnlgmbYlcPLLB-GgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 05:43:50
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 01:43:47.033304 2026] [security2:error] [pid 18775:tid 18775] [client 104.23.187.13:13706] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.centralbaptistalcoa.org"] [uri "/.env2"] [unique_id "abzek-6HehFC5yK4YfB3ywAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 04:13:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 00:13:02.979601 2026] [security2:error] [pid 9598:tid 9598] [client 104.23.187.13:12971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.title44.com.itaxcenter.com"] [uri "/.env.example"] [unique_id "abzJTtUttY_Zyk4DZfrBgQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 03:28:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 23:28:06.694938 2026] [security2:error] [pid 22236:tid 22236] [client 104.23.187.13:11577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.notaryfunding.com"] [uri "/.env2"] [unique_id "aby-xqYzVbFiiTmEuz_BDwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 03:04:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 23:04:05.128981 2026] [security2:error] [pid 23799:tid 23799] [client 104.23.187.13:10946] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fxbgsanta.com"] [uri "/.env.dev.local"] [unique_id "aby5JRPJ0kjLT-Vv2YXCIAAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 01:40:42
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 21:40:35.395492 2026] [security2:error] [pid 12054:tid 12054] [client 104.23.187.13:14078] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.fundingworkingcapital.com"] [uri "/.env_config"] [unique_id "abylk6yJxpo14nv_tZk0pgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 01:13:58
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 21:13:52.151579 2026] [security2:error] [pid 29218:tid 29218] [client 104.23.187.13:14214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.accordionstars.com"] [uri "/.env.container"] [unique_id "abyfUND2q_LtsNOvwkx6bgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 11:19:57
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.187.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:19:51.513131 2026] [security2:error] [pid 5753:tid 5784] [client 104.23.187.13:14277] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.pwihatah.com"] [uri "/.env.local"] [unique_id "abvb117alC5V06deuhQnHgAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack