๐บ๐ธ
TPI-Abuse
2026-07-11 14:13:03
(38 minutes ago)
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 10:12:57.616024 2026] [security2:error] [pid 25124:tid 25124] [client 15.204.93.232:44476] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cbmanufacturing.com"] [uri "/.env"] [unique_id "alJPacXZc7ZgC40HyLECTwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-11 13:56:16
(55 minutes ago)
GraphQL Probe, Empty UA + 404
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 13:15:06
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 09:14:56.246069 2026] [security2:error] [pid 16600:tid 16600] [client 15.204.93.232:44434] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cncservices.ws"] [uri "/.env"] [unique_id "alJB0IYrPNGuMhmQgv5wPAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 12:56:03
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 08:55:58.170144 2026] [security2:error] [pid 24044:tid 24044] [client 15.204.93.232:51346] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coretherapyassoc.com"] [uri "/.env"] [unique_id "alI9Xux-_ON99VCj0_-nDQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 11:43:14
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 07:43:07.441482 2026] [security2:error] [pid 27454:tid 27454] [client 15.204.93.232:33562] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cbcconsult.com"] [uri "/.env"] [unique_id "alIsS2oyJeVDWQDKhlQMnQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-11 11:14:21
(3 hours ago)
GraphQL Probe, Empty UA + POST
Web App Attack
Anonymous
2026-07-11 11:04:24
(3 hours ago)
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ...
show more
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Backup file probing, Cloud secrets probing
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-10 20:51:40
(17 hours ago)
15.204.93.232 - - [10/Jul/2026:16:51:31 -0400] "GET /actuator/env HTTP/1.0" 404 5748 "-" "Mozilla/5. ...
show more
15.204.93.232 - - [10/Jul/2026:16:51:31 -0400] "GET /actuator/env HTTP/1.0" 404 5748 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.93.232 - - [10/Jul/2026:16:51:32 -0400] "GET /actuator/configprops HTTP/1.0" 404 5748 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.93.232 - - [10/Jul/2026:16:51:38 -0400] "GET /.git/config HTTP/1.0" 404 5748 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.93.232 - - [10/Jul/2026:16:51:39 -0400] "GET /.git/HEAD HTTP/1.0" 404 5748 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.93.232 - - [10/Jul/2026:16:51:39 -0400] "GET /.svn/entries HTTP/1.0" 404 5748 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 17:38:18
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 13:38:12.842943 2026] [security2:error] [pid 2375:tid 2375] [client 15.204.93.232:33488] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pbhomesinc.net"] [uri "/.env"] [unique_id "alEuBJay3CB13vGRf5cILwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-10 17:23:37
(21 hours ago)
15.204.93.232 - - [10/Jul/2026:13:23:35 -0400] "GET /actuator HTTP/1.0" 404 10368 "-" "Mozilla/5.0 ( ...
show more
15.204.93.232 - - [10/Jul/2026:13:23:35 -0400] "GET /actuator HTTP/1.0" 404 10368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.93.232 - - [10/Jul/2026:13:23:35 -0400] "GET /actuator/env HTTP/1.0" 404 10368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.93.232 - - [10/Jul/2026:13:23:35 -0400] "GET /server-status HTTP/1.0" 404 10368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.93.232 - - [10/Jul/2026:13:23:35 -0400] "GET /actuator/configprops HTTP/1.0" 404 10368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.93.232 - - [10/Jul/2026:13:23:36 -0400] "GET /.env HTTP/1.0" 404 10368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Web App Attack
๐ฌ๐ง
SilverZippo
2026-07-10 16:24:39
(22 hours ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 16:02:45
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 12:02:39.580802 2026] [security2:error] [pid 2535:tid 2535] [client 15.204.93.232:43624] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greenmountainfeeds.com"] [uri "/.env"] [unique_id "alEXn_8dik3mqFH8itmHbAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 13:57:12
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.93.232 (vps-d487e937.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 09:57:09.101224 2026] [security2:error] [pid 18573:tid 18573] [client 15.204.93.232:52756] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tsiwny.org"] [uri "/.env"] [unique_id "alD6NQbfkqMoFPZYoqIIUgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 13:36:29
(1 day ago)
Banned by Fail2Ban on server
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-10 13:30:05
(1 day ago)
ModSecurity rule 949110 triggered on d865. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking