๐บ๐ธ
TPI-Abuse
2026-06-20 19:39:05
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 15:38:56.347851 2026] [security2:error] [pid 20448:tid 20448] [client 2602:fb54:1a00::4b:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.socialstudiesforkids.com"] [uri "/.env"] [unique_id "ajbsUMBIHmFZRRffeprvvwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-20 13:45:21
(1 week ago)
Automatically blocked after 11 security events. Observed sensitive configuration-file probes. Source ...
show more
Automatically blocked after 11 security events. Observed sensitive configuration-file probes. Source: Cloudflare security controls.
show less
Hacking
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-20 13:21:01
(1 week ago)
2602:fb54:1a00::4b - - [20/Jun/2026:16:21:00 +0300] "GET /api/.env HTTP/1.1" 404 3261 "-" "Mozilla/5 ...
show more
2602:fb54:1a00::4b - - [20/Jun/2026:16:21:00 +0300] "GET /api/.env HTTP/1.1" 404 3261 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)"
...
show less
Web App Attack
๐ฎ๐ฉ
soc-yk
2026-06-20 11:20:12
(1 week ago)
Type: suspicious_network_activity
Risk: 97
Events: 92
Evidence:
- Persistent suspicious network act ...
show more
Type: suspicious_network_activity
Risk: 97
Events: 92
Evidence:
- Persistent suspicious network activity detected
- Repeated hostile operational behavior observed
- Multi-event operational persistence identified
- Threat escalation behavior observed
show less
Port Scan
Hacking
๐บ๐ฆ
URAN Publishing Service
2026-06-20 10:54:08
(1 week ago)
2602:fb54:1a00::4b - - [20/Jun/2026:13:54:06 +0300] "GET /app/.env HTTP/1.1" 404 628 "-" "Mozilla/5. ...
show more
2602:fb54:1a00::4b - - [20/Jun/2026:13:54:06 +0300] "GET /app/.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html)"
...
show less
Web App Attack
๐บ๐ธ
ipblock.com
2026-06-20 09:49:00
(1 week ago)
IPBlock protected site ID [644-wsw].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 08:50:21
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:50:16.236822 2026] [security2:error] [pid 23884:tid 23884] [client 2602:fb54:1a00::4b:40206] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stationrestaurant.ca"] [uri "/api/.env"] [unique_id "ajZUSB3DVQUU8bf_c_MVBQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 07:57:43
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 03:57:35.972096 2026] [security2:error] [pid 16197:tid 16197] [client 2602:fb54:1a00::4b:50704] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carminestogo.com"] [uri "/.env.example"] [unique_id "ajZH7zIPGJ0GY60-1NY5tQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-06-20 07:34:00
(1 week ago)
IPBlock protected site ID [3192-af][s=06].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
Skyrider
2026-06-20 07:15:51
(1 week ago)
Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 07:14:06
(1 week ago)
(mod_security) mod_security (id:949110) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:949110) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 03:14:01.547749 2026] [security2:error] [pid 11320:tid 11320] [client 2602:fb54:1a00::4b:56232] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "experimentalscene.com"] [uri "/api/.env"] [unique_id "ajY9uehw79FlQpc1kl-pkgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 05:30:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 01:29:59.193953 2026] [security2:error] [pid 27893:tid 27893] [client 2602:fb54:1a00::4b:37202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sangalgano.info"] [uri "/.env.example"] [unique_id "ajYlV35nTM88eFCE3Q1E7wAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-06-20 05:20:00
(1 week ago)
IPBlock protected site ID [2815-wdn][s=02].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 05:05:20
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 01:05:12.397395 2026] [security2:error] [pid 23413:tid 23413] [client 2602:fb54:1a00::4b:43644] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.grasslakepizzatime.com"] [uri "/.env"] [unique_id "ajYfiDY7UOavLhAIYvZDsQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 04:40:47
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2602:fb54:1a00::4b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 00:40:41.206956 2026] [security2:error] [pid 14446:tid 14446] [client 2602:fb54:1a00::4b:44712] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mms-boss.net"] [uri "/api/.env"] [unique_id "ajYZyd-NLg2Yyk55oUoXhAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack