๐บ๐ธ
TPI-Abuse
2026-07-17 13:28:31
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 09:28:25.167580 2026] [security2:error] [pid 9140:tid 9140] [client 14.29.247.13:42795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dougwong.dvdmasters.com"] [uri "/.env.swp"] [unique_id "alot-WOQuO9bmECx5dWVyAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 10:01:43
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 06:01:35.834025 2026] [security2:error] [pid 670397:tid 670397] [client 14.29.247.13:33428] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.npk.parkhan.com"] [uri "/.env.prod"] [unique_id "aln9f82t2ay7UFHqgDdSWQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:34:50
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:34:45.812011 2026] [security2:error] [pid 2561:tid 2561] [client 14.29.247.13:57448] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.nowdigitaltalent.com"] [uri "/.env.backup"] [unique_id "alnpJbUU_yk8z0M30a8tvQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 06:32:21
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:32:16.502339 2026] [security2:error] [pid 21324:tid 21324] [client 14.29.247.13:43220] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.asiancommoditiescorporation.com"] [uri "/.env.prod"] [unique_id "alnMcLkXiaZchWhcyyBzyQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-17 04:16:59
(18 hours ago)
(caddyscan) Scanner path probe from 14.29.247.13 (CN/China/-): 5 in the last 3600 secs; Ports: *; Di ...
show more
(caddyscan) Scanner path probe from 14.29.247.13 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 14.29.247.13 - - [17/Jul/2026:04:16:54 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 14.29.247.13 - - [17/Jul/2026:04:16:55 +0000] "GET /.env.local HTTP/1.1"
[REDACTED] 200 2627 14.29.247.13 - - [17/Jul/2026:04:16:55 +0000] "GET /.env.production HTTP/1.1"
[REDACTED] 200 2627 14.29.247.13 - - [17/Jul/2026:04:16:55 +0000] "GET /.env.development HTTP/1.1"
[REDACTED] 200 2627 14.29.247.13 - - [17/Jul/2026:04:16:56 +0000] "GET /.env.dev HTTP/1.1"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-17 03:32:20
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:32:13.083840 2026] [security2:error] [pid 21700:tid 21700] [client 14.29.247.13:35178] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.forums.underraided.com"] [uri "/.env.dev"] [unique_id "almiPc-88uCuVw7voRMQ3AAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 03:07:56
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:07:47.334844 2026] [security2:error] [pid 150967:tid 150967] [client 14.29.247.13:37842] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howtolivegreener.com.easyweb-publishing.com"] [uri "/.env"] [unique_id "almcg7NVjffV4O3mhFLFswAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 02:37:52
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 22:37:46.142786 2026] [security2:error] [pid 28151:tid 28151] [client 14.29.247.13:35199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dwars.net"] [uri "/.env.dev"] [unique_id "almVek7UgEYPWQvKl_L0MgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 01:48:48
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:48:42.073767 2026] [security2:error] [pid 775766:tid 775766] [client 14.29.247.13:36661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.powerlessons.net.rejuvenationsystems.com"] [uri "/.env.development"] [unique_id "almJ-uxiw1c7Nndpp32R5wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-07-17 01:23:16
(21 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ณ๐ฑ
WeCloudit-Anti-Abuse
2026-07-17 01:15:05
(21 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 23:22:02
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 19:21:55.944102 2026] [security2:error] [pid 3686:tid 3686] [client 14.29.247.13:36218] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clockandnightlight.com"] [uri "/.envrc"] [unique_id "allnk_uy5ylPhnaX_tuAfQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 21:56:51
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 14.29.247.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 17:56:45.506703 2026] [security2:error] [pid 16184:tid 16184] [client 14.29.247.13:49023] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.asttechgroup.com.greenlight.us"] [uri "/.env.local"] [unique_id "allTncWlgD0-v-Dz2s27EQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-16 21:09:26
(1 day ago)
Multiple WAF Violations
Web App Attack
๐ฎ๐น
VHosting
2026-07-16 20:50:03
(1 day ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack