๐ณ๐ฑ
BlueWire Hosting
2026-06-21 16:44:04
(2 weeks ago)
Probing websites for vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 16:23:27
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 12:23:20.961901 2026] [security2:error] [pid 27257:tid 27257] [client 2a04:c300:400::1ce:54252] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.elainebroussard.com"] [uri "/.env"] [unique_id "ajgP-BcwEn5oab0BnWggBAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-21 16:23:26
(2 weeks ago)
Excessive multi-domain requests
Brute-Force
๐ณ๐ฑ
e.fierstra
2026-06-21 16:07:32
(2 weeks ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 16:07:12
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 12:07:09.451273 2026] [security2:error] [pid 18697:tid 18697] [client 2a04:c300:400::1ce:60716] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.krislajeskiedesign.com"] [uri "/.env.staging"] [unique_id "ajgMLVkvJgIxxwx6QtFbPwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 15:48:54
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 11:48:50.339514 2026] [security2:error] [pid 4451:tid 4451] [client 2a04:c300:400::1ce:2998] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.webmail.awcadvocate.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.webmail.awcadvocate.com"] [uri "/wp-content/debug.log"] [unique_id "ajgH4rmZbe1Hdr1mjlVYjQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-06-21 15:34:07
(2 weeks ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ณ๐ฑ
Savvii
2026-06-21 15:17:16
(2 weeks ago)
20 attempts against mh-misbehave-ban on pavo
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-06-21 14:03:27
(2 weeks ago)
(modsecurity) srv102 ModSecurity 2a04:c300:400::1ce (DE/Germany/-): 10 in the last 3600 secs; Ports: ...
show more
(modsecurity) srv102 ModSecurity 2a04:c300:400::1ce (DE/Germany/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 13:44:19
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 09:44:13.474375 2026] [security2:error] [pid 2080:tid 2080] [client 2a04:c300:400::1ce:23148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.sprek.net"] [uri "/.env"] [unique_id "ajfqrVG803wTR_7x_dEEFwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 13:24:22
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 09:24:14.298385 2026] [security2:error] [pid 1265:tid 1265] [client 2a04:c300:400::1ce:7180] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||madamtuso.salsberggroup.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "madamtuso.salsberggroup.com"] [uri "/wp-content/debug.log"] [unique_id "ajfl_gG2Dtak6fMHSSEJJgAAACw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-21 12:50:17
(2 weeks ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 12:46:49
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 08:46:42.089630 2026] [security2:error] [pid 31228:tid 31248] [client 2a04:c300:400::1ce:49158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "executive.bz"] [uri "/web/.env"] [unique_id "ajfdMrSfhsdYRhkYBs_PkQAAANI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-21 12:03:25
(2 weeks ago)
2a04:c300:400::1ce - - [21/Jun/2026:15:03:23 +0300] "GET /wp-content/debug.log HTTP/1.1" 404 707 "-" ...
show more
2a04:c300:400::1ce - - [21/Jun/2026:15:03:23 +0300] "GET /wp-content/debug.log HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0"
2a04:c300:400::1ce - - [21/Jun/2026:15:03:24 +0300] "GET /web/.env HTTP/1.1" 404 707 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36 Edg/146.0.0.0"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 11:56:44
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210730) triggered by 2a04:c300:400::1ce (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 07:56:39.163353 2026] [security2:error] [pid 23686:tid 23686] [client 2a04:c300:400::1ce:17128] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||indicadores.gabosoftware.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "indicadores.gabosoftware.com"] [uri "/wp-content/debug.log"] [unique_id "ajfRd7bQsbs4PG7dBCI7DAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack