Anonymous
2026-07-13 15:36:59
(14 hours ago)
[redacted] 172.69.130.224 - - [13/Jul/2026:17:36:53 +0200] "GET /wp-content/uploads/admin.php HTTP/2 ...
show more
[redacted] 172.69.130.224 - - [13/Jul/2026:17:36:53 +0200] "GET /wp-content/uploads/admin.php HTTP/2.0" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
[redacted] 172.69.130.224 - - [13/Jul/2026:17:36:55 +0200] "GET /wp-admin/images/index.php HTTP/2.0" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
[redacted] 172.69.130.224 - - [13/Jul/2026:17:36:55 +0200] "GET /wp-admin/css/colors/ocean/ HTTP/2.0" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
[redacted] 172.69.130.224 - - [13/Jul/2026:17:36:56 +0200] "GET /wp-admin/images/admin.php HTTP/2.0" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
[redacted] 172.69.130.224 - - [13/Jul/2026:17:36:56 +0200] "GET
...
show less
Hacking
Web App Attack
๐บ๐ธ
mnsf
2026-06-16 03:05:45
(4 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-06-13 03:06:23
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-10 04:35:38
(1 month ago)
Wordpress malicious attack:[octausername]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-28 22:23:15
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 18:23:09.602849 2026] [security2:error] [pid 11938:tid 12069] [client 172.69.130.224:11234] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.idealcentralvac.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.idealcentralvac.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ahjATSy5caERQk65l6qE9QAAAQs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 23:04:30
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 19:04:25.077271 2026] [security2:error] [pid 1885838:tid 1885838] [client 172.69.130.224:10794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.prezence.com"] [uri "/.env_settings"] [unique_id "adWNebc0T-iOJa1LR_wCVwAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 21:33:59
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 17:33:54.479638 2026] [security2:error] [pid 1341966:tid 1341966] [client 172.69.130.224:9767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "phoboschildren.com"] [uri "/admin/.env"] [unique_id "adV4QrrH-ULyi1UhGHSKBQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 06:28:59
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 02:28:53.700592 2026] [security2:error] [pid 2098427:tid 2098503] [client 172.69.130.224:10641] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "photo.gallery.the-aquifer.com"] [uri "/.env.backup"] [unique_id "adSkJcZjGo1jQnoasnaTqQAAAQk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 16:05:21
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 12:05:13.443062 2026] [security2:error] [pid 2197:tid 2249] [client 172.69.130.224:11762] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ethicmark.org"] [uri "/.env.production"] [unique_id "adKIOZ9L4bzwRdy-nNRfTwAAAIo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 12:28:56
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 08:28:49.846746 2026] [security2:error] [pid 6950:tid 6950] [client 172.69.130.224:12930] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "michaelcaico.com"] [uri "/.env2"] [unique_id "adJVganuQ7jOT3MlVD-ozwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 06:58:54
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 02:58:42.332000 2026] [security2:error] [pid 17268:tid 17268] [client 172.69.130.224:10105] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.artspacecleveland.org"] [uri "/.env.save"] [unique_id "adIIIl4CrOOXjmTdKwW6hwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 02:54:00
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 22:53:54.837713 2026] [security2:error] [pid 22106:tid 22106] [client 172.69.130.224:9304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cmcnow.com"] [uri "/.env2"] [unique_id "adHOwluuPLhMYzTuubuzlgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 01:32:33
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 21:32:27.203906 2026] [security2:error] [pid 16020:tid 16020] [client 172.69.130.224:10209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vtwins.us"] [uri "/backend/.env"] [unique_id "adG7q6uDIqsxRfG69pqQ8AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 00:43:53
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 20:43:47.995666 2026] [security2:error] [pid 23906:tid 23906] [client 172.69.130.224:10600] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.buanamegah.kairoslogammakmur.com"] [uri "/.env.development"] [unique_id "adGwQ9w4nGgPCQaF1TovHAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 00:21:42
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 20:21:37.580719 2026] [security2:error] [pid 14126:tid 14126] [client 172.69.130.224:11913] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glendaleheritage.org"] [uri "/admin/.env"] [unique_id "adGrEaImYUX3JgMNrem66wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack