๐บ๐ธ
TPI-Abuse
2026-07-03 23:37:58
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:37:50.906708 2026] [security2:error] [pid 11388:tid 11388] [client 41.143.42.213:50984] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "feaverslane.com"] [uri "/.env"] [unique_id "akhHzrYJ5uhylfVwlz7EkAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-03 23:31:49
(12 hours ago)
1.136 requests with url.path *phpinfo.php
1.094 requests with url.path /phpinfo.php
805 requests ...
show more
1.136 requests with url.path *phpinfo.php
1.094 requests with url.path /phpinfo.php
805 requests with url.path *.env
show less
Brute-Force
Bad Web Bot
๐บ๐ธ
rdpguard.com
2026-07-03 23:20:00
(12 hours ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-03 23:14:19
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:14:12.613088 2026] [security2:error] [pid 26545:tid 26545] [client 41.143.42.213:60226] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "farsipraiseclub.com"] [uri "/.env"] [unique_id "akhCRHyI-48WnG94ymMZdgAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Sรฉfora Srl
2026-07-03 23:03:05
(12 hours ago)
Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ...
show more
Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-03 22:49:07
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:49:03.780528 2026] [security2:error] [pid 28672:tid 28672] [client 41.143.42.213:64300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "faithlines.com"] [uri "/.env"] [unique_id "akg8X2HTLHG-UtXC-zHVTQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 22:27:34
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:27:28.490360 2026] [security2:error] [pid 3109:tid 3109] [client 41.143.42.213:52036] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ezsmiledental.com"] [uri "/.env"] [unique_id "akg3UJDvnOwYkG1JP7Cw4gAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ฎ
extremevital
2026-07-03 22:18:20
(13 hours ago)
41.143.42.213 - - [04/Jul/2026:00:18:19 +0200] "GET /info.php HTTP/1.0" 301 658 1609 "http://extreme ...
show more
41.143.42.213 - - [04/Jul/2026:00:18:19 +0200] "GET /info.php HTTP/1.0" 301 658 1609 "http://extremevital.com/info.php" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
...
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-03 22:06:23
(13 hours ago)
(mod_security) mod_security (id:949110) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:949110) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:06:18.525136 2026] [security2:error] [pid 7511:tid 7511] [client 41.143.42.213:53567] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "experimentalscene.com"] [uri "/.env"] [unique_id "akgyWnfqhdyP_gDopgWiJgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-03 21:52:10
(13 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐ฎ๐น
Inartis
2026-07-03 21:48:47
(13 hours ago)
41.143.42.213 - - [03/Jul/2026:23:48:46 +0200] "GET /.env HTTP/1.1" 302 425 "-" "Mozilla/5.0 (compat ...
show more
41.143.42.213 - - [03/Jul/2026:23:48:46 +0200] "GET /.env HTTP/1.1" 302 425 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
41.143.42.213 - - [03/Jul/2026:23:48:46 +0200] "GET /.env HTTP/1.1" 403 179 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:126.0) Gecko/20100101 Firefox/126.0"
41.143.42.213 - - [03/Jul/2026:23:48:46 +0200] "GET /.env HTTP/1.1" 403 179 "http://evw2024.com/.env" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:45:46
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:45:42.514993 2026] [security2:error] [pid 7548:tid 7580] [client 41.143.42.213:61744] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evolutionaryethics.com"] [uri "/.env"] [unique_id "akgthr-n4pT1KqRahQCEVwAAAU8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-03 21:45:05
(14 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:29:59
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 41.143.42.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:29:54.028836 2026] [security2:error] [pid 32135:tid 32135] [client 41.143.42.213:61384] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evelynkay.com"] [uri "/.env"] [unique_id "akgp0jI9IHIcu5gm6L4WJwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 21:05:36
(14 hours ago)
Blocked: Reason='Vulnerability probing โ PHP scan detected (18/60 min)'; Requests=18
Port Scan