๐บ๐ธ
TPI-Abuse
2026-07-17 00:17:20
(20 minutes ago)
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:17:12.527223 2026] [security2:error] [pid 25568:tid 25568] [client 175.6.143.212:37441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alrevora.com"] [uri "/.env.swp"] [unique_id "all0iB9D1eTyqpknoOiVEwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 22:10:43
(2 hours ago)
(caddyscan) Scanner path probe from 175.6.143.212 (CN/China/-): 5 in the last 3600 secs; Ports: *; D ...
show more
(caddyscan) Scanner path probe from 175.6.143.212 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 175.6.143.212 - - [16/Jul/2026:21:17:10 +0000] "GET /.env.old HTTP/1.1"
[REDACTED] 200 2627 175.6.143.212 - - [16/Jul/2026:22:04:34 +0000] "GET /.env.template HTTP/1.1"
[REDACTED] 200 2627 175.6.143.212 - - [16/Jul/2026:22:10:39 +0000] "GET /.env.save HTTP/1.1"
[REDACTED] 200 2627 175.6.143.212 - - [16/Jul/2026:22:10:39 +0000] "GET /.env.old HTTP/1.1"
[REDACTED] 200 2627 175.6.143.212 - - [16/Jul/2026:22:10:39 +0000] "GET /.env.bak HTTP/1.1"
show less
Port Scan
๐จ๐ญ
4server
2026-07-16 21:52:48
(2 hours ago)
[ThuJul1623:52:43.2523342026][security2:error][pid1473269:tid1473518][client175.6.143.212:0]ModSecur ...
show more
[ThuJul1623:52:43.2523342026][security2:error][pid1473269:tid1473518][client175.6.143.212:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"aidweb.ch.81-17-25-250.cpanel.site\"][uri\"/.env.dev\"][unique_id\"allSq1EJcC0OZPhx3AedLgAAAQE\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:43:55
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:43:51.191724 2026] [security2:error] [pid 26781:tid 26781] [client 175.6.143.212:55886] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "icaruscreativearts.com"] [uri "/.env.production"] [unique_id "allChwyzMmRNVO_-yIdUOwAAAD4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:07:45
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:05:38.233907 2026] [security2:error] [pid 21605:tid 21605] [client 175.6.143.212:40224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bosch.pamplonaserviciotecnico.com"] [uri "/.env.staging"] [unique_id "alk5ktLa6tInxRGju6AVcgAAADM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:46:47
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:46:44.113232 2026] [security2:error] [pid 21838:tid 21838] [client 175.6.143.212:59072] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "slattery-law.com"] [uri "/.env.bak"] [unique_id "alk1JJMjiogrsq6ZbupjyAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 19:27:16
(5 hours ago)
[server.tmg.gr] httpd-config-scan: sites=www.ird2019.gr; logs=/var/log/httpd/domains/ird2019.gr.log; ...
show more
[server.tmg.gr] httpd-config-scan: sites=www.ird2019.gr; logs=/var/log/httpd/domains/ird2019.gr.log; samples=/root/.config/gcloud/application_default_credentials.json | /root/.config/gcloud/credentials.db | /home/ubuntu/.config/gcloud/application_default_credentials.json
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:57:30
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:57:19.591395 2026] [security2:error] [pid 20805:tid 20805] [client 175.6.143.212:51442] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.astglobal.com.greenlight.us"] [uri "/.env.template"] [unique_id "alkpj4wL8zd3VzoDMJ_d7QAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:17:25
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:17:22.322808 2026] [security2:error] [pid 2991:tid 2991] [client 175.6.143.212:59790] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mvpbees.com"] [uri "/.env"] [unique_id "alkgMmECmuydreB7kDcOBAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-16 18:15:03
(6 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
Anonymous
2026-07-16 18:10:04
(6 hours ago)
| [Dangerous/China] Aggressive IP 175.6.143.212 (~30 hits). Type: DoS Defender- Web server 400 error ...
show more
| [Dangerous/China] Aggressive IP 175.6.143.212 (~30 hits). Type: DoS Defender- Web server 400 error code
show less
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-16 17:51:10
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:51:05.136210 2026] [security2:error] [pid 28005:tid 28005] [client 175.6.143.212:45438] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.edgecomix.edgeimprov.com"] [uri "/.env.production.local"] [unique_id "alkaCXQTfnZ1Hwvsoepz_wAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:33:30
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:33:00.296791 2026] [security2:error] [pid 18935:tid 18935] [client 175.6.143.212:44084] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.goldsealinspect.weyoungrenovations.com"] [uri "/.env.prod"] [unique_id "alkVzHzON1U5vdzhUvLuwgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:04:37
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:04:22.903617 2026] [security2:error] [pid 26930:tid 26930] [client 175.6.143.212:53764] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cuch.net"] [uri "/storage/framework/.env"] [unique_id "alkPFvalCflrYHHyxhreeQAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:48:05
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 175.6.143.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:44:10.775886 2026] [security2:error] [pid 12737:tid 12737] [client 175.6.143.212:39735] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hotelparticulier.fritsknuf.com"] [uri "/.env.backup"] [unique_id "alj8Stl62_5ZfKqYi6irZAAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack