๐บ๐ธ
mawan
2026-07-11 09:17:27
(4 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 12:18:34
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:18:26.521542 2026] [security2:error] [pid 5248:tid 5262] [client 172.69.130.244:13619] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.thompsonhypnotherapy.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.thompsonhypnotherapy.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "aigEkvGqcUIQ8GBwSKzR0gAAAUw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 08:10:07
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 04:09:59.934678 2026] [security2:error] [pid 2147723:tid 2147723] [client 172.69.130.244:9587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.grabnerconsulting.com"] [uri "/.env.backup"] [unique_id "adYNVxaszZR0OGjX8JN_GgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 09:05:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 05:05:06.303891 2026] [security2:error] [pid 961209:tid 961209] [client 172.69.130.244:10517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.concertosupport.com"] [uri "/site/.env"] [unique_id "adTIwgFBqnrgpfjTc2WbOgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 08:07:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 04:07:32.652553 2026] [security2:error] [pid 973330:tid 973330] [client 172.69.130.244:12648] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.littlebiglebanon.com"] [uri "/core/.env"] [unique_id "adS7RPo0-jL-JO2Z5U1WLwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-06 16:14:15
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 12:14:09.040846 2026] [security2:error] [pid 280900:tid 280900] [client 172.69.130.244:11823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.georgesmarina.com"] [uri "/.env.dist"] [unique_id "adPb0eFUil_EMAFq9yTJ7wAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-06 08:29:10
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 04:29:04.149827 2026] [security2:error] [pid 19311:tid 19311] [client 172.69.130.244:12487] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.clearlakelots.com"] [uri "/.env.production.bak"] [unique_id "adNu0OxfSqPLiutlVQUtIwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-06 06:10:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 02:10:05.888066 2026] [security2:error] [pid 1403:tid 1403] [client 172.69.130.244:14147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.propertysubscription.com"] [uri "/.git/refs/heads/main"] [unique_id "adNOPfeigPP0hRypoHqc9gAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 16:54:16
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 12:54:10.067491 2026] [security2:error] [pid 13374:tid 13374] [client 172.69.130.244:11094] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.stardancertantra.com"] [uri "/.env.production"] [unique_id "adKTsvTbeKbFJFCOsGjKFgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 14:49:48
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 10:49:42.551628 2026] [security2:error] [pid 18345:tid 18345] [client 172.69.130.244:10624] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.jitterbugswing.com"] [uri "/core/.env"] [unique_id "adJ2hmxvD7P24ZU8ef74JAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 06:58:50
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 02:58:43.526411 2026] [security2:error] [pid 16918:tid 16918] [client 172.69.130.244:13020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.artspacecleveland.org"] [uri "/config/.env"] [unique_id "adIII8lRmsEKv0agBU4yGAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 17:40:33
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 13:40:30.007518 2026] [security2:error] [pid 30836:tid 30836] [client 172.69.130.244:12647] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.sanvicentedelraspeig.com"] [uri "/.env.dist"] [unique_id "adFNDhtMbNVfNk8V1BUfRwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 15:42:45
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 11:42:36.874049 2026] [security2:error] [pid 713:tid 713] [client 172.69.130.244:9525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.accinternational.net"] [uri "/.env1"] [unique_id "adExbPUoi1Ggv4KMYu_QKgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 12:38:03
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 08:37:55.698831 2026] [security2:error] [pid 2623:tid 2623] [client 172.69.130.244:10658] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.garciadomingo.com"] [uri "/.env.example"] [unique_id "adEGIys1nOHJivXkdN8cEwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 09:56:22
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.69.130.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 05:56:17.518403 2026] [security2:error] [pid 29622:tid 29622] [client 172.69.130.244:14204] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.depcare.com"] [uri "/.env.production.bak"] [unique_id "adDgQflkrA7m0Lzo6hXjEgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack