๐บ๐ธ
TPI-Abuse
2026-07-08 09:49:20
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 05:49:16.251732 2026] [security2:error] [pid 18932:tid 18932] [client 2605:3b80:111:b351::1:56191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jerielster.com"] [uri "/.env.prod"] [unique_id "ak4dHAGk1OELNwIknpDrhQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 09:02:04
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 05:01:55.643587 2026] [security2:error] [pid 20239:tid 20239] [client 2605:3b80:111:b351::1:58957] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.og.gmacguffin.com"] [uri "/.env.prod"] [unique_id "ak4SA7BynlD2baBNpHlgGAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 07:47:45
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 03:47:39.795710 2026] [security2:error] [pid 3999:tid 3999] [client 2605:3b80:111:b351::1:64225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web87.dnchosting.com"] [uri "/.env"] [unique_id "ak4Am0A4y3sqQ2jCFRpaUgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 07:32:38
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 03:32:32.464719 2026] [security2:error] [pid 31797:tid 31797] [client 2605:3b80:111:b351::1:55785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mikelynchphoto.com"] [uri "/.env"] [unique_id "ak39EKmwE8Yf628quuIKsQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 00:19:31
(1 day ago)
2605:3b80:111:b351::1 - - [08/Jul/2026:08:19:30 +0800] "GET /config.env HTTP/1.1" 404 13838 "-" "Moz ...
show more
2605:3b80:111:b351::1 - - [08/Jul/2026:08:19:30 +0800] "GET /config.env HTTP/1.1" 404 13838 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-08 00:18:59
(1 day ago)
Try to access /.env
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-06 21:59:20
(2 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-05.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-06 20:02:43
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 16:02:37.872353 2026] [security2:error] [pid 22541:tid 22541] [client 2605:3b80:111:b351::1:59350] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "workzoap.com.worldchat.global"] [uri "/.git/config"] [unique_id "akwJ3XHWUGO93Scv5Slf-gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-06 12:47:22
(2 days ago)
[MonJul0614:47:18.0796462026][security2:error][pid5817:tid5958][client2605:3b80:111:b351::1:0]ModSec ...
show more
[MonJul0614:47:18.0796462026][security2:error][pid5817:tid5958][client2605:3b80:111:b351::1:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(curl\|wget\|python\|nikto\|sqlmap\|acunetix\|fimap\|dirbuster\|cmsmap\)\"atREQUEST_HEADERS:user-agent.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"217\"][id\"990210\"][msg\"Suspicioususer-agentblocked\"][hostname\"autoconfig.gmint.ch\"][uri\"/.env.production\"][unique_id\"akuj1mxfMf5XtGzbuj-6mwAAARg\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 03:20:39
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 23:20:33.749448 2026] [security2:error] [pid 15365:tid 15365] [client 2605:3b80:111:b351::1:60924] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iworklife.org"] [uri "/.env.staging"] [unique_id "aksfAR4la9DvB_-uWQNu1AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 02:55:20
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 22:55:12.218825 2026] [security2:error] [pid 3198:tid 3198] [client 2605:3b80:111:b351::1:56256] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.barkatthemoonpetsitting.com"] [uri "/.env"] [unique_id "aksZEG8l7TSfX4yD9xI_EQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-07-05 21:30:38
(3 days ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-05 19:45:04
(3 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 17:59:56
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2605:3b80:111:b351::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 13:59:49.724010 2026] [security2:error] [pid 1774:tid 1774] [client 2605:3b80:111:b351::1:62457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ryan.robotrodeo.net"] [uri "/.git/config"] [unique_id "akqbleteOC5lYue0CNZbMAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack