๐บ๐ธ
TPI-Abuse
2026-06-27 04:13:10
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 00:13:02.700198 2026] [security2:error] [pid 31872:tid 31979] [client 2a04:c300:400::153:53748] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.dcmproductionsgroup.com"] [uri "/.env.js"] [unique_id "aj9Nzo3njd3HoM78XetWGAAAAFc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-26 22:02:09
(5 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-26 19:48:13
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 15:48:05.002279 2026] [security2:error] [pid 24032:tid 24032] [client 2a04:c300:400::153:54492] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yeejia.net"] [uri "/app/.env"] [unique_id "aj7XdXDYADmfitPiyRxZnAAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-06-26 10:03:14
(5 days ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 08:51:58
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 04:51:50.386730 2026] [security2:error] [pid 20758:tid 20758] [client 2a04:c300:400::153:8168] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "martinvjohnson.com"] [uri "/api/wp-config.php"] [unique_id "aj49pmaqneMLSiwQLNZjaQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 20:50:23
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 16:50:16.994443 2026] [security2:error] [pid 22046:tid 22046] [client 2a04:c300:400::153:33958] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.carolineburkedesigns.com"] [uri "/.env.test"] [unique_id "aj2UiNQdFuZiKr3gTeHDngAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 17:44:46
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 13:44:38.495388 2026] [security2:error] [pid 27555:tid 27555] [client 2a04:c300:400::153:21136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.richsilver.com"] [uri "/.env.old"] [unique_id "aj1pBo8I8cn2i5PiqEwKjAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 16:23:41
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 12:23:35.188773 2026] [security2:error] [pid 1040:tid 1040] [client 2a04:c300:400::153:63888] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.rlarms.com"] [uri "/.env"] [unique_id "aj1WBx5vUAJBEMjw7W8wvwAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 13:37:50
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 09:37:44.187361 2026] [security2:error] [pid 14191:tid 14191] [client 2a04:c300:400::153:45068] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "personalizedbirthdaynapkins.com"] [uri "/.env.development"] [unique_id "aj0vKIwymZz2lrNlBN8fIAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 12:24:44
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 08:24:39.110941 2026] [security2:error] [pid 20058:tid 20132] [client 2a04:c300:400::153:36978] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ipv6.casademontemaior.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ipv6.casademontemaior.com"] [uri "/wp-content/debug.log"] [unique_id "aj0eBw1LWi7QiUKz7mmscgAAAMs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 11:31:51
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 07:31:46.395674 2026] [security2:error] [pid 27648:tid 27648] [client 2a04:c300:400::153:6554] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.auguststoten.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.auguststoten.com"] [uri "/wp-content/debug.log"] [unique_id "aj0Ronb3y8bGBMR0hHTSqQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 09:50:52
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 05:50:48.796596 2026] [security2:error] [pid 16818:tid 16818] [client 2a04:c300:400::153:42630] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jhreid.com"] [uri "/.env"] [unique_id "ajz5-GrzWIVtz41Cc_ZM6QAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-06-25 09:31:56
(6 days ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 08:35:14
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 04:35:09.290290 2026] [security2:error] [pid 5415:tid 5415] [client 2a04:c300:400::153:6936] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ipv6.aaronnosan.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ipv6.aaronnosan.com"] [uri "/wp-content/debug.log"] [unique_id "ajzoPVviyjjro3hozdsloQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 07:47:22
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::153 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 03:47:17.881935 2026] [security2:error] [pid 5763:tid 5792] [client 2a04:c300:400::153:53964] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.sattraffic.net"] [uri "/.env.development"] [unique_id "ajzdBaCfp4TzEfZ1c6Wk3gAAAVg"]
show less
Brute-Force
Bad Web Bot
Web App Attack