๐บ๐ธ
mawan
2026-07-06 14:17:32
(3 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ช๐ธ
alferez
2026-06-22 01:21:19
(2 weeks ago)
Multiple WP Login Attack
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
chrisj
2026-06-04 06:03:23
(1 month ago)
[Thu Jun 04 06:03:22.537139 2026] [proxy_fcgi:error] [pid 188969:tid 188969] [client 172.68.245.16:1 ...
show more
[Thu Jun 04 06:03:22.537139 2026] [proxy_fcgi:error] [pid 188969:tid 188969] [client 172.68.245.16:10947] AH01071: Got error 'Primary script unknown'
[Thu Jun 04 06:03:22.690163 2026] [proxy_fcgi:error] [pid 188969:tid 188969] [client 172.68.245.16:10947] AH01071: Got error 'Primary script unknown'
[Thu Jun 04 06:03:22.830786 2026] [proxy_fcgi:error] [pid 188969:tid 188969] [client 172.68.245.16:10947] AH01071: Got error 'Primary script unknown'
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-15 08:49:13
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 04:48:55.261545 2026] [security2:error] [pid 13411:tid 13420] [client 172.68.245.16:13900] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pluralmatrix.cynosureinternetservices.com"] [uri "/.env.dev"] [unique_id "agbd90UEM4JlpjNBSoLq2gAAAAY"], referer: https://www.google.com/search?q=www.pluralmatrix.cynosureinternetservices.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-14 22:06:20
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-13.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
mawan
2026-05-14 19:08:27
(1 month ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-04-22 22:00:21
(2 months ago)
Auto-ban: >3000 req/min op 2026-04-22
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-03-31 10:22:22
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 06:22:16.525856 2026] [security2:error] [pid 14067:tid 14067] [client 172.68.245.16:13604] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.asdfwordpro.com"] [uri "/.git/refs/heads/master"] [unique_id "acugWEMxGyMSQ6v_YIeq_gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 05:55:08
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 01:54:56.066023 2026] [security2:error] [pid 2290:tid 2290] [client 172.68.245.16:14087] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.houstontenemosunproblema.com"] [uri "/admin/.env"] [unique_id "acthsGp-j85M8G0jXgt2mwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 00:38:10
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 20:38:04.386056 2026] [security2:error] [pid 13013:tid 13013] [client 172.68.245.16:12995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cipcug.vccemail.net"] [uri "/private/.env"] [unique_id "acsXbDIvx-fSMMMGEhJZNAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 18:11:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 14:11:06.278098 2026] [security2:error] [pid 30916:tid 30916] [client 172.68.245.16:13959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.testrong.com"] [uri "/config/.env.local"] [unique_id "acq8usCRaD4M12lyqiZXQQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 14:37:24
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 10:37:19.642622 2026] [security2:error] [pid 29628:tid 29628] [client 172.68.245.16:12407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.luxandunion.com"] [uri "/.env.local"] [unique_id "acqKn3i_YF3dAay3-afOJwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 10:55:38
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 06:55:34.077017 2026] [security2:error] [pid 15226:tid 15226] [client 172.68.245.16:10922] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.tonynvn.me"] [uri "/.env.development.local"] [unique_id "acpWphZfRSSsqCo97R0fqQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 10:40:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 06:40:28.095227 2026] [security2:error] [pid 3539:tid 3539] [client 172.68.245.16:10096] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "castelan.anxo.org"] [uri "/.env.dist"] [unique_id "acpTHHcbg4hrNKg3HM4magAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 04:45:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.245.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 00:45:42.023868 2026] [security2:error] [pid 2864:tid 2864] [client 172.68.245.16:10088] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.jfordclanrecipes.com"] [uri "/.env.dist"] [unique_id "acn_9snSRWJpfk5p6D67QwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack