Anonymous
2026-07-08 22:19:13
(1 day ago)
LH-Watcher: FAKE_ID [Fake Googlebot]
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-29 11:51:12
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 07:51:00.980786 2026] [security2:error] [pid 12788:tid 12788] [client 104.253.55.44:52971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.perissosdigitalmarketing.com.kevinfranz.com"] [uri "/sftp-config.json"] [unique_id "ahl9pIiULwNcS_jY6SaGZAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-29 09:02:11
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 05:02:06.471124 2026] [security2:error] [pid 13936:tid 13936] [client 104.253.55.44:37351] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "syscompcuenca.com"] [uri "/.env.dusk.local"] [unique_id "ahlWDjF36PY0fpVGK-wjXgAAAAE"], referer: https://www.google.com/search?q=syscompcuenca.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-28 22:04:00
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-28 16:36:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 12:36:25.969116 2026] [security2:error] [pid 6869:tid 6869] [client 104.253.55.44:37887] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tnthandy.com.inetbrain.com"] [uri "/wp-config.php.save"] [unique_id "ahhvCVDOAqZZNG-h3WhSWQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 23:38:46
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 19:38:39.265789 2026] [security2:error] [pid 24533:tid 24533] [client 104.253.55.44:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.pixacast.com"] [uri "/.env.dev"] [unique_id "aheAfyJSDp0jIu3GZWswXAAAACc"], referer: https://www.google.com/search?q=webdisk.pixacast.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 17:53:11
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 13:53:03.442828 2026] [security2:error] [pid 25770:tid 25770] [client 104.253.55.44:50953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "integritysecurity.us"] [uri "/.env.dev"] [unique_id "ahcvf58D3WPMSJjVkScZigAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 00:22:34
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 104.253.55.44 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:22:24.607410 2026] [security2:error] [pid 18104:tid 18104] [client 104.253.55.44:34563] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||sanjuangrange.org|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sanjuangrange.org"] [uri "/db_backup.sql"] [unique_id "ahY5QGMaoeBXoQmJ2PXW4AAAAAs"], referer: https://www.google.com/search?q=sanjuangrange.org
show less
Brute-Force
Bad Web Bot
Web App Attack