๐ช๐ธ
librebit
2026-07-02 23:03:28
(6 days ago)
Brute force
Brute-Force
๐ฉ๐ช
Teufel100
2026-06-30 09:14:43
(1 week ago)
ModSecurity rejected a query
Brute-Force
Hacking
Web App Attack
๐ฉ๐ช
paissangroup
2026-06-30 08:24:04
(1 week ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 08:07:16
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 47.238.242.102 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 47.238.242.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:07:10.926810 2026] [security2:error] [pid 7469:tid 7469] [client 47.238.242.102:46750] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.app.fourminutedecision.com"] [uri "/.env.dev"] [unique_id "akN5LoUBJaD9AF9t8tE6NAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 07:17:18
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 47.238.242.102 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 47.238.242.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:17:09.647864 2026] [security2:error] [pid 2493:tid 2493] [client 47.238.242.102:52512] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.meridianranchdrc.org"] [uri "/.env.dist"] [unique_id "akNtdaZnY_s4bQ5PrRFfJAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 07:06:44
(1 week ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=144
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-30 06:53:03
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 47.238.242.102 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 47.238.242.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:52:58.036345 2026] [security2:error] [pid 21137:tid 21137] [client 47.238.242.102:38838] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tekrav.kuddlkat.com"] [uri "/.env.staging"] [unique_id "akNnyl4irfni7pf0A4xnOQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-06-30 06:46:55
(1 week ago)
[TueJun3008:46:50.3290702026][security2:error][pid4036573:tid4036586][client47.238.242.102:0]ModSecu ...
show more
[TueJun3008:46:50.3290702026][security2:error][pid4036573:tid4036586][client47.238.242.102:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(\?:/\(\?:\^\|/\)\\\\\\\\.\(env\|git\|svn\|hg\|DS_Store\)\|/\(\?:wp-config\|\\\\\\\\.htaccess\|\\\\\\\\.htpasswd\)\|\\\\\\\\.\(\?:sql\|bak\|old\|log\)\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"distributori-automatici-sigarette-ticino.ch.136-243-54-122.cpanel.site\"][uri\"/wp-config.php.txt\"][unique_id\"akNmWvPqMVk9lO1PKZ1BZAAAAAI\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ฉ๐ช
dbmwebdesign
2026-06-30 06:40:44
(1 week ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:37:19
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 47.238.242.102 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 47.238.242.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:37:13.520338 2026] [security2:error] [pid 16509:tid 16619] [client 47.238.242.102:52444] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sellmantitle.com"] [uri "/.env.development"] [unique_id "akNkGR5LFzlA3DZ30t9mBwAAAQ0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-06-30 06:31:25
(1 week ago)
[TueJun3008:31:19.8958022026][security2:error][pid2126986:tid2127189][client47.238.242.102:0]ModSecu ...
show more
[TueJun3008:31:19.8958022026][security2:error][pid2126986:tid2127189][client47.238.242.102:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"gamotors.ch\"][uri\"/.env\"][unique_id\"akNityerBDmhjaVZNARDaQAAAFQ\"]
show less
Hacking
Web App Attack
๐ฉ๐ช
Gwyneth Llewelyn
2026-06-30 06:24:02
(1 week ago)
2026/06/30 07:24:00 [error] 1094874#1094874: *2215170 access forbidden by rule, client: 47.238.242.1 ...
show more
2026/06/30 07:24:00 [error] 1094874#1094874: *2215170 access forbidden by rule, client: 47.238.242.102, server: [redacted], request: "GET /backup/.env HTTP/1.1", host: "[redacted]"
2026/06/30 07:24:00 [error] 1094874#1094874: *2215170 access forbidden by rule, client: 47.238.242.102, server: [redacted], request: "GET /backups/.env HTTP/1.1", host: "[redacted]"
2026/06/30 07:24:00 [error] 1094874#1094874: *2215170 access forbidden by rule, client: 47.238.242.102, server: [redacted], request: "GET /old/.env HTTP/1.1", host: "[redacted]"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:20:38
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 47.238.242.102 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 47.238.242.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:20:33.291246 2026] [security2:error] [pid 30823:tid 30823] [client 47.238.242.102:41148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "janesoffice.com"] [uri "/.env.production.local"] [unique_id "akNgMVlZQmKQmKAj40tzPAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 06:01:39
(1 week ago)
Blocked by ModSec and CSF
Port Scan
Anonymous
2026-06-30 05:51:43
(1 week ago)
Wordpress vulnerability scanning
...
Web App Attack