๐บ๐ธ
TPI-Abuse
2026-06-25 05:08:32
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 01:08:18.993193 2026] [security2:error] [pid 5230:tid 5230] [client 2a0e:97c0:3e3:873::1:3198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cabrynpoodles.com"] [uri "/.env.save"] [unique_id "ajy3wkd4uaFwMBloUlEJFgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-25 04:09:20
(4 days ago)
Excessive multi-domain requests
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-25 00:54:13
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 20:54:02.895333 2026] [security2:error] [pid 2127:tid 2127] [client 2a0e:97c0:3e3:873::1:31984] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "georgewakim.net"] [uri "/.env.dev"] [unique_id "ajx8KnhJUUuIeBBWv6zX4AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob.fr
2026-06-24 21:45:07
(4 days ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐ณ๐ฑ
e.fierstra
2026-06-24 18:15:58
(5 days ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐ฉ๐ช
Enno
2026-06-24 17:27:38
(5 days ago)
P04::Fail2Ban: automated bot scanning / credential probing detected.
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-22 22:03:34
(6 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-21.
show less
Web App Attack
SSH
Hacking
๐ง๐ช
cmbplf
2026-06-22 16:40:56
(1 week ago)
144 requests with url.path *config.json
Brute-Force
Bad Web Bot
๐ฌ๐ง
Aetherweb Ark
2026-06-22 14:54:23
(1 week ago)
(mod_security) mod_security (id:949110) triggered by 2a0e:97c0:3e3:873::1 (Unknown): N in the last X ...
show more
(mod_security) mod_security (id:949110) triggered by 2a0e:97c0:3e3:873::1 (Unknown): N in the last X secs
show less
Web App Attack
๐ซ๐ท
dynamix
2026-06-22 14:13:03
(1 week ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 13:07:17
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:873::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 09:07:10.463589 2026] [security2:error] [pid 22180:tid 22180] [client 2a0e:97c0:3e3:873::1:22238] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.springb.mordesign1.com"] [uri "/.env.local"] [unique_id "ajkzfv3Enya4UvSUqH9rfQAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
maxpower
2026-06-22 11:55:40
(1 week ago)
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2a0e:97c0:3e3:873::1 (CH/Switzerland/-): ...
show more
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 2a0e:97c0:3e3:873::1 (CH/Switzerland/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2a0e:97c0:3e3:873::1 - - [22/Jun/2026:13:55:35 +0200] "HEAD /.aws/credentials HTTP/1.1" 200 0 "https://www.google.com/search?q=insegnesolution.emmeccisolution.it" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" "-" host=insegnesolution.emmeccisolution.it
2a0e:97c0:3e3:873::1 - - [22/Jun/2026:13:55:35 +0200] "HEAD /secrets.json HTTP/1.1" 200 0 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.6422.113 Mobile Safari/537.36" "-" host=insegnesolution.emmeccisolution.it
show less
Port Scan
๐ฉ๐ช
HandyTreff.de
2026-06-21 21:57:41
(1 week ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -53.229 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -53.229 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
show less
Web App Attack
Bad Web Bot
๐ฎ๐น
VHosting
2026-06-21 21:05:03
(1 week ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ต๐ฑ
sefinek.net
2026-06-21 20:13:24
(1 week ago)
Triggered Cloudflare WAF (firewallCustom) from DE.
Action: BLOCK | Protocol: HTTP/1.1 (HEAD) | Endpo ...
show more
Triggered Cloudflare WAF (firewallCustom) from DE.
Action: BLOCK | Protocol: HTTP/1.1 (HEAD) | Endpoint: /.pgpass | UA: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot