๐บ๐ธ
TPI-Abuse
2026-07-02 02:17:04
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 120.244.47.125 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 120.244.47.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 22:16:57.364933 2026] [security2:error] [pid 25861:tid 25861] [client 120.244.47.125:9661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.sydat.se"] [uri "/.env"] [unique_id "akXKGRpOi2aX1ebJyA7S-AAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 23:25:10
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 120.244.47.125 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 120.244.47.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 19:25:05.056861 2026] [security2:error] [pid 10816:tid 10816] [client 120.244.47.125:9433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.malarbodentrollhattan.se"] [uri "/.env"] [unique_id "akWh0eFTPnsTngLBHBQn3QAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-01 22:05:52
(22 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-30.
show less
Web App Attack
SSH
Hacking
๐ฉ๐ช
nyt
2026-07-01 09:34:27
(1 day ago)
Sensitive File Probe, Unauthorized PATCH request to root path.
Web App Attack
๐ณ๐ฑ
Joop
2026-06-29 23:25:32
(2 days ago)
2026-06-30 01:25:29 +0200 s12 /login/index.php
Web App Attack
Anonymous
2026-06-29 22:59:04
(2 days ago)
Bot / scanning and/or hacking attempts: GET /geoserver/rest/about/version.json HTTP/1.1, GET /wp-log ...
show more
Bot / scanning and/or hacking attempts: GET /geoserver/rest/about/version.json HTTP/1.1, GET /wp-login.php HTTP/1.1, GET /geoserver/web/ HTTP/1.1, GET /login/index.php HTTP/1.1, GET / HTTP/1.1, GET /login/ HTTP/1.1
show less
Hacking
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-29 22:22:55
(2 days ago)
Try to access /.env
Web App Attack
๐ฟ๐ฆ
hostsec_za
2026-06-29 17:20:01
(3 days ago)
WHM Auth Attack. 11 failed logins in 1 hour.
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-28 20:59:25
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 120.244.47.125 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 120.244.47.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:59:17.866942 2026] [security2:error] [pid 4745:tid 4745] [client 120.244.47.125:20820] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.sguard.co"] [uri "/.env"] [unique_id "akGLJUs6SaMv9x-PVzfB2gAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-28 05:11:35
(4 days ago)
Multiple WAF Violations
Web App Attack
๐ณ๐ด
jad-abuse
2026-06-28 00:02:23
(4 days ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. Observed by 1 sensor(s); 11 hits.
show less
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-16 19:55:25
(2 weeks ago)
Try to access /.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 18:23:01
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 120.244.47.125 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 120.244.47.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:22:47.846938 2026] [security2:error] [pid 19092:tid 19092] [client 120.244.47.125:9667] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.deborbon.me"] [uri "/.env"] [unique_id "ajBC99PdD7a1USZLMkDrvQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack