๐ณ๐ฑ
homeshowdomain.nl
2026-05-28 22:00:39
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-27.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-28 14:30:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 10:30:24.914716 2026] [security2:error] [pid 31189:tid 31189] [client 216.74.118.132:47081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "legionellaexperts.org"] [uri "/.env.local"] [unique_id "ahhRgD6XZbdyA2jG14B7MQAAAAc"], referer: https://www.google.com/search?q=legionellaexperts.org
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-28 00:10:13
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 20:10:01.827118 2026] [security2:error] [pid 30890:tid 30890] [client 216.74.118.132:34601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3-6trucking.com"] [uri "/.env.production"] [unique_id "aheH2U4lXP5iCyK8FISEuQAAAA4"], referer: https://www.google.com/search?q=3-6trucking.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 18:00:19
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 14:00:09.793820 2026] [security2:error] [pid 19994:tid 19994] [client 216.74.118.132:51109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "uncle-david.com"] [uri "/sftp-config.json"] [unique_id "ahcxKRND4YqqAltwddeeYQAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-27 17:50:03
(1 month ago)
| Suspicious URL access.
Web App Attack
Hacking
SQL Injection
๐ฉ๐ช
FeG Deutschland
2026-05-27 16:16:24
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12
Exploited Host
Web App Attack
๐ท๐บ
Mga Admin
2026-05-27 12:16:21
(1 month ago)
216.74.118.132 - - [27/May/2026:19:16:21 +0700] "GET /_rNd9xZ7kL3 HTTP/1.1" 404 196 "-" "Mozilla/5.0 ...
show more
216.74.118.132 - - [27/May/2026:19:16:21 +0700] "GET /_rNd9xZ7kL3 HTTP/1.1" 404 196 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 11:38:56
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 07:38:51.646337 2026] [security2:error] [pid 30465:tid 30465] [client 216.74.118.132:41465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.henrietteg.com"] [uri "/.env.development"] [unique_id "ahbXy9zU_0ZVVBc3S4azeAAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 00:21:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:21:30.251576 2026] [security2:error] [pid 23496:tid 23496] [client 216.74.118.132:57647] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.insurance4you.agency.polish-boat-registration.com"] [uri "/.env.vercel"] [unique_id "ahY5Ck1Hizoam4NuI96vzwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-26 17:54:44
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 216.74.118.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 13:54:35.607733 2026] [security2:error] [pid 21989:tid 21989] [client 216.74.118.132:50071] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||ncparanormalresearch.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ncparanormalresearch.com"] [uri "/backup.sql"] [unique_id "ahXeW2q7s6a6U8n-HD3J6wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
kommunos
2024-05-31 11:02:14
(2 years ago)
/wp-admin
Web App Attack
๐บ๐ธ
ph
2024-04-27 20:08:50
(2 years ago)
Bad web bot attempting to run wp-admin on non-WP site
Hacking
Bad Web Bot
Web App Attack