๐บ๐ธ
TPI-Abuse
2026-06-30 08:37:30
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:37:23.611530 2026] [security2:error] [pid 21201:tid 21201] [client 2a0c:5d00:2002::1182:e196:39426] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.randomgroovemusic.com.englishmagic.us"] [uri "/.env.dev"] [unique_id "akOAQwmQqGH3hFzI-_YpIwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 07:57:23
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:57:15.603889 2026] [security2:error] [pid 3195:tid 3195] [client 2a0c:5d00:2002::1182:e196:52882] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meghanmack.com"] [uri "/server/.env"] [unique_id "akN22w1Wkkuk26_3tHYjYAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 07:09:39
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:09:29.405183 2026] [security2:error] [pid 16540:tid 16540] [client 2a0c:5d00:2002::1182:e196:35368] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "test.altruaglobalsolutions.com"] [uri "/.env.old"] [unique_id "akNrqZ0bknKKniEI0dW7rgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
gws-hostmaster
2026-06-30 06:12:59
(21 hours ago)
ModSecurity OWASP CRS (Anomaly Score: 10): Attempt to access a backup or working file;Restricted Fil ...
show more
ModSecurity OWASP CRS (Anomaly Score: 10): Attempt to access a backup or working file;Restricted File Access Attempt;URL file extension is restricted by policy;
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:08:53
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:08:47.257659 2026] [security2:error] [pid 16746:tid 16746] [client 2a0c:5d00:2002::1182:e196:33468] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.secemexico.com.disenowebprofesional.com"] [uri "/.env.production"] [unique_id "akNdb28kZAAcY-dBHfqVOQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-06-30 06:00:14
(21 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 05:51:48
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 01:51:40.788008 2026] [security2:error] [pid 32512:tid 32512] [client 2a0c:5d00:2002::1182:e196:41788] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anthearodgers.com"] [uri "/.env.local"] [unique_id "akNZbD_LpUv-muKQdQxrzQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 12:53:24
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 08:53:18.860366 2026] [security2:error] [pid 31234:tid 31234] [client 2a0c:5d00:2002::1182:e196:44936] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.southtncardio.com"] [uri "/web/.env"] [unique_id "akJqvhVsoEYQ7ig1t9lo3AAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-26 22:03:45
(4 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-25 15:45:56
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:5d00:2002::1182:e196 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:45:51.048147 2026] [security2:error] [pid 19356:tid 19356] [client 2a0c:5d00:2002::1182:e196:38772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gcmmortgage.com"] [uri "/.env"] [unique_id "aj1NL1UKIierVegRYsAgjwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack