๐บ๐ธ
TPI-Abuse
2026-04-04 10:44:39
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 06:44:32.948907 2026] [security2:error] [pid 1231:tid 1270] [client 172.71.223.38:12136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.aglsolidwaste.com"] [uri "/.env2"] [unique_id "adDrkNUnsZvzHqEidZ6HvgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 05:33:17
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 01:33:12.450238 2026] [security2:error] [pid 1602:tid 1602] [client 172.71.223.38:13011] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.ballast-capital.com"] [uri "/.env_secret"] [unique_id "adCimFP4MOGabMCPdvrXywAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 11:34:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 07:34:31.034463 2026] [security2:error] [pid 2882:tid 2882] [client 172.71.223.38:10078] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.tevalaur.com"] [uri "/backend/.env"] [unique_id "ac-lxxtcdN2fMu0hqcClkwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 08:17:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 04:17:24.479742 2026] [security2:error] [pid 19038:tid 19038] [client 172.71.223.38:13591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.helpkccare.org"] [uri "/root/.env"] [unique_id "ac93lPQfFNGIgfSiefdm1gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 05:17:44
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 01:17:38.033084 2026] [security2:error] [pid 23742:tid 23742] [client 172.71.223.38:10250] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.stormstrips.com"] [uri "/.env.staging"] [unique_id "ac9NclPXD9K9BKTj66YX8gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 04:52:34
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 00:52:25.940186 2026] [security2:error] [pid 5869:tid 5869] [client 172.71.223.38:13499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.register-yacht-bahamas.com"] [uri "/.env.dev.local"] [unique_id "ac9HieA2TlYrowoiuGdR6wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 21:06:06
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 17:05:58.669641 2026] [security2:error] [pid 9529:tid 9529] [client 172.71.223.38:14240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.andy-blakk.org"] [uri "/.env_config"] [unique_id "ac7aNojChGe-aBIOuODalQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 18:27:13
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 14:27:06.825155 2026] [security2:error] [pid 26537:tid 26537] [client 172.71.223.38:14160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "demondomain.com"] [uri "/.env.staging"] [unique_id "ac60-uQuPyjn3TdN1LhZAAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 16:39:00
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 12:38:52.829252 2026] [security2:error] [pid 3985:tid 3985] [client 172.71.223.38:13825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.skomaxentertainment.com"] [uri "/.env.development.local"] [unique_id "ac6bnBwTeA0U-NtpEtoT5AAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 13:54:22
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 09:54:14.294953 2026] [security2:error] [pid 31896:tid 31896] [client 172.71.223.38:10350] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "san-marino-boat-registration.com"] [uri "/.env.old"] [unique_id "ac51BtsgEndD1Fp-aolO2QAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 13:19:54
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 09:19:44.402810 2026] [security2:error] [pid 8626:tid 8626] [client 172.71.223.38:10562] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lonescouting.us"] [uri "/.env.backup"] [unique_id "ac5s8I8lW8k3vqu5DvxXIQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 06:31:00
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 02:30:51.863352 2026] [security2:error] [pid 27247:tid 27247] [client 172.71.223.38:12449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.omintara.com"] [uri "/.env2"] [unique_id "ac4NGy8Yzc0qN-N-G8_ctgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 05:49:00
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 01:48:51.793927 2026] [security2:error] [pid 14376:tid 14376] [client 172.71.223.38:10477] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coolray.net"] [uri "/home/.env"] [unique_id "ac4DQ0Tj1TsHaDcdrif_ewAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 19:31:19
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 15:31:13.532708 2026] [security2:error] [pid 10778:tid 10778] [client 172.71.223.38:10934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "studio66.chapa.net"] [uri "/.env.backup"] [unique_id "ac1ygZoA0nGAktTyZ5_LkQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 08:54:18
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 04:54:12.624297 2026] [security2:error] [pid 20985:tid 20985] [client 172.71.223.38:10246] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.carinsteen.com"] [uri "/.env.save"] [unique_id "aczdNODZmS0JxmMrrAh9LgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack