πΊπΈ
TPI-Abuse
2026-07-04 14:49:46
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 10:49:42.437525 2026] [security2:error] [pid 18724:tid 18804] [client 141.11.146.77:63538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ethicmark.org"] [uri "/.env"] [unique_id "akkdhoS2K2WtjI3fHVZmFgAAAM8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
Octopuce
2026-07-03 15:55:36
(1 day ago)
Aggressive web search of vulnerable pages: /wp-json/ /.env /.env.local /docker-compose.yml /docker-c ...
show more
Aggressive web search of vulnerable pages: /wp-json/ /.env /.env.local /docker-compose.yml /docker-compose.override.yml /config.yml /config/dat ...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 15:00:10
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 11:00:04.227593 2026] [security2:error] [pid 11219:tid 11219] [client 141.11.146.77:14527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dentsville398.org"] [uri "/.env.staging"] [unique_id "akfOdK-5XYgKL8ZOOkR-vwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 07:00:29
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:00:23.315842 2026] [security2:error] [pid 29627:tid 29627] [client 141.11.146.77:51095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ctjcisenate.org"] [uri "/.env.development"] [unique_id "akdeB1gK3OKabXQ3R_fKwgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 06:21:14
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 02:21:06.515493 2026] [security2:error] [pid 12802:tid 12852] [client 141.11.146.77:59571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daviscountyossr.org"] [uri "/wp-config.php.bak"] [unique_id "akdU0uXvAwbx9B2CWJ1ZXQAAAVE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 18:21:00
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 14:20:52.616222 2026] [security2:error] [pid 31537:tid 31537] [client 141.11.146.77:2663] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "conquesticon.org"] [uri "/.env.local"] [unique_id "akasBH0phKJ7FwgFJs2YgAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 09:20:59
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:20:51.855851 2026] [security2:error] [pid 24319:tid 24319] [client 141.11.146.77:35892] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "circleway.org"] [uri "/.env.development"] [unique_id "akYtcw5mND2fyVZ2C8VAUQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 20:09:24
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 16:09:19.411330 2026] [security2:error] [pid 28289:tid 28289] [client 141.11.146.77:1861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "budinger.org"] [uri "/.env"] [unique_id "akVz7z64vVyGfoJZE_4JSgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 18:53:59
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 14:53:53.619737 2026] [security2:error] [pid 26950:tid 27034] [client 141.11.146.77:2615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bronnimann.org"] [uri "/.env.local"] [unique_id "akViQW_Ojv9vTO6tS-a47AAAARc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
blinx
2026-06-28 10:25:04
(6 days ago)
Suspicious activity detected by Modsecurity
Web Spam
Port Scan
Hacking
Bad Web Bot
Web App Attack
π²π½
octageeks.com
2026-06-28 04:07:54
(6 days ago)
Wordpress malicious attack:[octablocked]
Web App Attack
π¬π§
thetomtaylor.co.uk
2026-06-26 21:09:01
(1 week ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice02,mx01,mx02,mx03]
Bad Web Bot
Web App Attack
π¬π§
thetomtaylor.co.uk
2026-06-26 19:06:01
(1 week ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,wa01,wa02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 22:25:19
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.11.146.77 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:25:09.020273 2026] [security2:error] [pid 19043:tid 19043] [client 141.11.146.77:49637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ospectra.ai"] [uri "/.env.example"] [unique_id "ajxZRYZilaf55lYUUt2wLwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mccsoft.io
2026-06-24 12:14:10
(1 week ago)
Web application attack / vulnerability scanning. Source sent 2 HTTP request(s) (2 distinct paths) to ...
show more
Web application attack / vulnerability scanning. Source sent 2 HTTP request(s) (2 distinct paths) to our public nginx web server on TCP 80/443, probing blocked/sensitive paths; all returned HTTP 444 (connection closed by security rule, jail nginx-444). Sample requests: GET /api/v1/namespaces/default/secrets | GET /.zshrc. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) V. Observed 2026-06-24 12:12:27 to 2026-06-24 12:12:40 UTC. TCP handshake completed (requests fully received). Categories: Web App Attack / Bad Web Bot.
show less
Bad Web Bot
Web App Attack