π©πͺ
Phenix Info
2026-06-21 06:30:19
(2 weeks ago)
SmallGuard.fr - Forbidden Ext.
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-15 08:03:04
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 04:02:46.327447 2026] [security2:error] [pid 10036:tid 10036] [client 104.23.209.237:13527] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "campbellsclan.com"] [uri "/.env.development"] [unique_id "agbTJrQ-wE79JDFJE5miVgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-15 07:32:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 03:31:59.297107 2026] [security2:error] [pid 25909:tid 25909] [client 104.23.209.237:9331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "michaelholdawayvideos.info"] [uri "/sftp-config.json"] [unique_id "agbL7673wHXccXLx0AspZgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-05-14 22:05:48
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-13.
show less
Web App Attack
SSH
Hacking
πΊπΈ
wimaxnz
2026-05-05 05:07:41
(2 months ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
πΊπΈ
wimaxnz
2026-05-02 00:35:41
(2 months ago)
Automated report from 247 Guardian: repeated malicious activity detected. | reason=nginx_badpath
Brute-Force
SSH
Port Scan
πΊπΈ
mnsf
2026-04-08 20:05:36
(2 months ago)
Scanning/Probing (16)
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-04-05 06:05:27
(3 months ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-03-25 17:05:22
(3 months ago)
Scanning/Probing (15)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-21 15:11:42
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 11:11:23.846634 2026] [security2:error] [pid 23993:tid 23993] [client 104.23.209.237:9598] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.henrietteg.com"] [uri "/.env.bak"] [unique_id "ab61G2kK7n4mAAF2AGJ1tgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-21 04:30:08
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 00:30:00.562957 2026] [security2:error] [pid 6996:tid 6996] [client 104.23.209.237:12929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.bikinipageone.com"] [uri "/.env_settings"] [unique_id "ab4eyJRqJJ3FkqQxGBkw8gAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-21 04:07:15
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 00:07:10.240334 2026] [security2:error] [pid 13627:tid 13627] [client 104.23.209.237:9424] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.hamiltontruckingcompany.com"] [uri "/.env.dev"] [unique_id "ab4Zbr2STwAOmOZ450RQpwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-21 02:17:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 22:17:01.270954 2026] [security2:error] [pid 20758:tid 20776] [client 104.23.209.237:12440] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robotics4fun.com"] [uri "/.git/index"] [unique_id "ab3_nUF41ZPiKtf471qPXQAAAU8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-21 01:56:43
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 21:56:35.315274 2026] [security2:error] [pid 22140:tid 22140] [client 104.23.209.237:9502] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.theeternalperspective.com"] [uri "/.env.production"] [unique_id "ab3605W7tUcpgApo78XpLgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-21 00:49:38
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.209.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 20:49:32.588999 2026] [security2:error] [pid 12353:tid 12353] [client 104.23.209.237:12400] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.emiliofatuzzo.com"] [uri "/site/.env"] [unique_id "ab3rHGau2XBmE-FlSXP67AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack