๐บ๐ธ
TPI-Abuse
2026-07-04 16:18:16
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 12:18:10.339737 2026] [security2:error] [pid 17234:tid 17234] [client 2a09:bac5:636a:281e::3ff:74:19086] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.lcoor.org"] [uri "/.env.copy"] [unique_id "akkyQmPKPqTnOHdzmUke9gAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 15:52:31
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 11:52:25.666678 2026] [security2:error] [pid 5010:tid 5010] [client 2a09:bac5:636a:281e::3ff:74:13264] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.pfqfcic.org"] [uri "/.env.local.bak"] [unique_id "akksOa3qKrWq8ZJTYbseKwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 15:10:25
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 11:10:18.079528 2026] [security2:error] [pid 7338:tid 7338] [client 2a09:bac5:636a:281e::3ff:74:50288] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.stantontownship.org"] [uri "/.env"] [unique_id "akkiWnFqrttrGybE4-vinwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 13:54:03
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 09:53:55.763039 2026] [security2:error] [pid 8806:tid 8806] [client 2a09:bac5:636a:281e::3ff:74:57052] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.directnic-support.rocks"] [uri "/api/.env"] [unique_id "akkQc_gj3zlRPttpX7ho5wAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
BlueWire Hosting
2026-07-04 13:21:25
(1 day ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-04 07:56:11
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:56:03.538304 2026] [security2:error] [pid 14511:tid 14511] [client 2a09:bac5:636a:281e::3ff:74:60482] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.loupgaroubooks.com"] [uri "/api/.env"] [unique_id "aki8k8LhE9gfOHsExwLJrQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 05:07:09
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 01:07:04.618671 2026] [security2:error] [pid 7936:tid 7936] [client 2a09:bac5:636a:281e::3ff:74:14372] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.wingblade.net"] [uri "/app/.env"] [unique_id "akiU-FRcAEHyXZKD59ZX2wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 23:54:31
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:54:23.594638 2026] [security2:error] [pid 14712:tid 14712] [client 2a09:bac5:636a:281e::3ff:74:19194] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alltrashremoval.com"] [uri "/.env"] [unique_id "akhLr8UbY2Chwawgm_nsGgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 22:33:27
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:33:21.197037 2026] [security2:error] [pid 7548:tid 7568] [client 2a09:bac5:636a:281e::3ff:74:23736] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.earthtravel.net"] [uri "/.env"] [unique_id "akg4sb-n4pT1KqRahQCQWwAAAUM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-03 22:00:28
(2 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-02.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-03 20:32:03
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:31:59.366251 2026] [security2:error] [pid 15811:tid 15811] [client 2a09:bac5:636a:281e::3ff:74:45240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eboredom.net"] [uri "/app/.env"] [unique_id "akgcP7EZYxRsYWobr9XDYgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:07:47
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:07:39.055738 2026] [security2:error] [pid 6937:tid 6937] [client 2a09:bac5:636a:281e::3ff:74:25062] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.sjjcox.com"] [uri "/.env"] [unique_id "akgWi2fnbvzVUzmf0zrVCAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 16:51:12
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 12:51:09.406778 2026] [security2:error] [pid 26283:tid 26283] [client 2a09:bac5:636a:281e::3ff:74:16842] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.circlehealthcaregroup.com"] [uri "/.env.dev"] [unique_id "akfofbuFxA0TXXkXhfv20wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 16:04:43
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 12:04:36.598951 2026] [security2:error] [pid 4729:tid 4729] [client 2a09:bac5:636a:281e::3ff:74:23732] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "senecaalumni.com"] [uri "/.env"] [unique_id "akfdlCrgB53ONT09fVRO5wAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 14:17:35
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:636a:281e::3ff:74 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 10:17:27.524343 2026] [security2:error] [pid 28909:tid 28909] [client 2a09:bac5:636a:281e::3ff:74:48166] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.susannahtuttle.com"] [uri "/.env"] [unique_id "akfEd8H5c2fkzbuqsXSBugAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack