๐บ๐ธ
Starburst SysOp Team
2026-06-09 14:55:27
(3 weeks ago)
(mod_security-custom) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 ...
show more
(mod_security-custom) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the last 3600 secs (0-srv1)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-09 05:39:23
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:39:17.117664 2026] [security2:error] [pid 22253:tid 22253] [client 2a09:bac1:7681:62b0::23d:81:34950] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wheelworks.biz"] [uri "/.env.swp"] [unique_id "aienBauodOpkmzN5HuvNFwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 05:18:28
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:18:21.555655 2026] [security2:error] [pid 1168:tid 1168] [client 2a09:bac1:7681:62b0::23d:81:51150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.encoreporchfest.info"] [uri "/.env.swp"] [unique_id "aieiHRvsoPfL2j7EggZtbAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
itsnixk
2026-06-09 01:40:15
(3 weeks ago)
(mod_security) mod_security (id:930130) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:930130) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 08 21:40:12.318032 2026] [security2:error] [pid 74318:tid 74351] [remote 2a09:bac1:7681:62b0::23d:81:0] ModSecurity: Access denied with code 406 (phase 1). Matched phrase ".env" at REQUEST_FILENAME. [file "/etc/modsecurity.d/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "150"] [id "930130"] [msg "Restricted File Access Attempt"] [redacted] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/ATTACK-LFI"] [tag "capec/1000/255/153/126"] [redacted] [uri "/web/.env"] [unique_id "aidu_MF7HPO0F5Fd-XKWLgAAGBo"]
show less
Port Scan
Anonymous
2026-06-09 00:05:05
(3 weeks ago)
WAF repeated trigger detected by Fail2Ban
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 23:05:24
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 19:05:18.765332 2026] [security2:error] [pid 8494:tid 8494] [client 2a09:bac1:7681:62b0::23d:81:19624] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.smid.tv"] [uri "/.env.dev"] [unique_id "aidKruYKkyHcJ91UPED6JwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
lindi
2026-06-08 21:45:55
(3 weeks ago)
trying to access .env file
...
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 18:49:52
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 14:49:45.330622 2026] [security2:error] [pid 2729:tid 2753] [client 2a09:bac1:7681:62b0::23d:81:12484] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "draas.info"] [uri "/.env.bak"] [unique_id "aicOycEr22MGBm1zqbho9QAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 17:57:37
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 13:57:34.125529 2026] [security2:error] [pid 7828:tid 7828] [client 2a09:bac1:7681:62b0::23d:81:49054] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.meta24.vip"] [uri "/admin/.env"] [unique_id "aicCjq23GFEz6zZibhlv5wAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 17:40:49
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 13:40:44.621629 2026] [security2:error] [pid 16964:tid 16964] [client 2a09:bac1:7681:62b0::23d:81:49416] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.livesteamtracks.info"] [uri "/.env.bak"] [unique_id "aib-nMLbCTEy7ndC-q4lIgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-06-08 17:40:02
(3 weeks ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ซ๐ท
Baking333
2026-06-08 16:27:50
(3 weeks ago)
[redacted] 2a09:bac1:7681:62b0::23d:81 - - [08/Jun/2026:17:27:45 +0100] "GET / HTTP/1.1" 200 8279 0/ ...
show more
[redacted] 2a09:bac1:7681:62b0::23d:81 - - [08/Jun/2026:17:27:45 +0100] "GET / HTTP/1.1" 200 8279 0/118731 "https://[redacted]/.[redacted]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/131.0.0.0 Safari/537.36" [redacted] 2a09:bac1:7681:62b0::23d:81 - - [08/Jun/2026:17:27:47 +0100] "GET / HTTP/1.1" 200 8276 0/198641 "https://[redacted]/.[redacted]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/131.0.0.0 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 15:53:16
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 11:53:10.859956 2026] [security2:error] [pid 30503:tid 30503] [client 2a09:bac1:7681:62b0::23d:81:24570] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.ianpearce.tv"] [uri "/src/.env"] [unique_id "aiblZo2Pd1PDuapgLuOuUAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 23:47:00
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:46:56.711157 2026] [security2:error] [pid 31642:tid 31642] [client 2a09:bac1:7681:62b0::23d:81:21056] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "xcengineering.xyz"] [uri "/app/.env"] [unique_id "aiYC8K0uE43mbb0Z52MTewAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 20:03:39
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:7681:62b0::23d:81 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:03:34.780711 2026] [security2:error] [pid 25646:tid 25646] [client 2a09:bac1:7681:62b0::23d:81:20630] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kdgsf.xyz"] [uri "/api/.env"] [unique_id "aiXOlhCsfuqanEOHLSwHjgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack