๐บ๐ธ
TPI-Abuse
2026-06-21 22:16:31
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 18:16:25.817157 2026] [security2:error] [pid 13064:tid 13064] [client 2a0c:9f00:a000:9ea7::1:51318] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||auguststoten.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "auguststoten.com"] [uri "/wp-content/debug.log"] [unique_id "ajhiuaHTaMpXZq6CkfXRcgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-06-21 22:00:06
(1 week ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-21 21:52:38
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 17:52:30.277503 2026] [security2:error] [pid 8558:tid 8558] [client 2a0c:9f00:a000:9ea7::1:45428] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||atame.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "atame.com"] [uri "/wp-content/debug.log"] [unique_id "ajhdHvULkJ1JTMPK-9heNAAAAE8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 21:30:42
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 17:30:37.075007 2026] [security2:error] [pid 4319:tid 4319] [client 2a0c:9f00:a000:9ea7::1:36336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "asiabeef.network"] [uri "/api/.env"] [unique_id "ajhX_RWHzW0u2e9G-Zm8hgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 21:10:07
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 17:09:58.277790 2026] [security2:error] [pid 1890:tid 1890] [client 2a0c:9f00:a000:9ea7::1:53354] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.arteseros.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.arteseros.com"] [uri "/wp-content/debug.log"] [unique_id "ajhTJkdZiZbFmUi8AB6JpQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Major Hostility
2026-06-21 21:07:24
(1 week ago)
"GET /wp-content/debug.log HTTP/1.1" 404
"GET /application.yml HTTP/1.1" 404
"GET /.env HTTP/1.1" 40 ...
show more
"GET /wp-content/debug.log HTTP/1.1" 404
"GET /application.yml HTTP/1.1" 404
"GET /.env HTTP/1.1" 404
"GET /.env.example HTTP/1.1" 404
"GET /.aws/credentials HTTP/1.1" 404
"GET /secrets.json HTTP/1.1" 404
"GET /secrets.yml HTTP/1.1" 404
"GET /api/.env HTTP/1.1" 404
show less
Web App Attack
๐ฉ๐ช
todix
2026-06-21 20:41:39
(1 week ago)
WebAttack or semilar from 2a0c:9f00:a000:9ea7::1
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 20:39:36
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 16:39:32.372662 2026] [security2:error] [pid 4323:tid 4323] [client 2a0c:9f00:a000:9ea7::1:36844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "archaiusmusic.com"] [uri "/api/.env"] [unique_id "ajhMBOeFP2QAs1J5DyQgAAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 19:54:29
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 15:54:24.096934 2026] [security2:error] [pid 10263:tid 10263] [client 2a0c:9f00:a000:9ea7::1:43584] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anthearodgers.com"] [uri "/.env"] [unique_id "ajhBcFLwHtk4vgZhu8iJlQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 19:23:31
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 15:23:23.509199 2026] [security2:error] [pid 20556:tid 20556] [client 2a0c:9f00:a000:9ea7::1:39074] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amybeam.com"] [uri "/.env"] [unique_id "ajg6K4JsVAMBMb6ux8cUwAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 19:05:57
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 15:05:52.690018 2026] [security2:error] [pid 4969:tid 4969] [client 2a0c:9f00:a000:9ea7::1:35872] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amazinghydraulics.com"] [uri "/api/.env"] [unique_id "ajg2EHabgO5y5mxQsciOZwAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 18:45:50
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210730) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 14:45:45.178454 2026] [security2:error] [pid 30880:tid 30880] [client 2a0c:9f00:a000:9ea7::1:54640] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||alphazeta.net|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "alphazeta.net"] [uri "/wp-content/debug.log"] [unique_id "ajgxWQZg6Gd9NqY1FUdBuAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 18:30:24
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 14:30:20.404913 2026] [security2:error] [pid 28979:tid 28979] [client 2a0c:9f00:a000:9ea7::1:46194] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.allisonbtaylor.com"] [uri "/.env.example"] [unique_id "ajgtvDCu9ubIxKb6vQEwGAAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 18:14:24
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0c:9f00:a000:9ea7::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 14:14:20.375536 2026] [security2:error] [pid 10144:tid 10144] [client 2a0c:9f00:a000:9ea7::1:56922] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.al-harbi.com"] [uri "/.env"] [unique_id "ajgp_K0KSC7i5qAYjAWRUwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-06-21 17:58:41
(1 week ago)
[SunJun2119:58:39.1013152026][security2:error][pid222249:tid222311][client2a0c:9f00:a000:9ea7::1:0]M ...
show more
[SunJun2119:58:39.1013152026][security2:error][pid222249:tid222311][client2a0c:9f00:a000:9ea7::1:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(\?:/\(\?:\^\|/\)\\\\\\\\.\(env\|git\|svn\|hg\|DS_Store\)\|/\(\?:wp-config\|\\\\\\\\.htaccess\|\\\\\\\\.htpasswd\)\|\\\\\\\\.\(\?:sql\|bak\|old\|log\)\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"mail.albertiarnaldoluigi.ch\"][uri\"/wp-content/debug.log\"][unique_id\"ajgmT75GKNIHCYX8N_u6twAAAQI\"]
show less
Port Scan
Brute-Force
Web App Attack