๐ง๐ท
Halux
2026-07-06 23:25:06
(1 day ago)
112.120.48.146 Probing protected path or service
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 11:59:54
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 07:59:50.313503 2026] [security2:error] [pid 10830:tid 10830] [client 112.120.48.146:24628] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "houston-church-of-god.org"] [uri "/.env.example"] [unique_id "akuYtq1FXkaDGaIwXxhzNgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
XICTRON
2026-07-06 11:45:05
(2 days ago)
ModSecurity rule violation detected by Fail2Ban
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 10:26:38
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 06:26:33.471103 2026] [security2:error] [pid 8211:tid 8211] [client 112.120.48.146:63228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "helpkccare.org"] [uri "/.env.local"] [unique_id "akuC2echzDjuy0YuBiJBGQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
Dunham Support
2026-07-05 23:45:12
(2 days ago)
(mod_security) mod_security triggered on hostname [redacted] 112.120.48.146 (HK/Hong Kong/n112120481 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 112.120.48.146 (HK/Hong Kong/n11212048146.netvigator.com)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-05 11:28:38
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 07:28:34.531790 2026] [security2:error] [pid 2213:tid 2232] [client 112.120.48.146:23512] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "giere.org"] [uri "/.env"] [unique_id "ako_4tfSLwBvS70sQlTangAAANE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
www.tana.it
2026-07-04 20:25:57
(3 days ago)
PHP scan
Web App Attack
๐ซ๐ท
dynamix
2026-07-04 10:07:57
(4 days ago)
Multiple WAF Violations
Web App Attack
๐ฉ๐ช
webko.si
2026-07-03 16:06:25
(4 days ago)
DKK: Bruteforce web app access, URI detail: '/.git/config'.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 14:05:21
(5 days ago)
(mod_security) mod_security (id:949110) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 ...
show more
(mod_security) mod_security (id:949110) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 10:05:11.245191 2026] [security2:error] [pid 25542:tid 25542] [client 112.120.48.146:4628] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "delcano.org"] [uri "/.env.local"] [unique_id "akfBl2ZWo94Xe9BRn7yK4gAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 08:58:46
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:58:41.215042 2026] [security2:error] [pid 6240:tid 6240] [client 112.120.48.146:30428] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demircan.org"] [uri "/.env"] [unique_id "akd5wQnegLRhmiJNp9P3OQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
technojoe99
2026-07-03 07:48:36
(5 days ago)
Exploit scan from 112.120.48.146. GET /.git/config HTTP/1.1.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 04:55:50
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:55:47.388413 2026] [security2:error] [pid 11564:tid 11564] [client 112.120.48.146:64304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crescentcitycafe.org"] [uri "/.env.staging"] [unique_id "akdA037DLyiaF22SqDPMlgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 22:27:55
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 18:27:49.689860 2026] [security2:error] [pid 3995:tid 3995] [client 112.120.48.146:47212] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "compassionfatigue.org"] [uri "/.env.local"] [unique_id "akbl5dW-CJhXDTnXXrTjiAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 20:11:30
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 112.120.48.146 (n11212048146.netvigator.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 16:11:24.870709 2026] [security2:error] [pid 16657:tid 16657] [client 112.120.48.146:48664] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cornerstonecharitablescholarshiptrust.org"] [uri "/.env.development"] [unique_id "akbF7AUJrNvTTwtfdgCDEQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack