๐ฆ๐บ
Joshua
2026-05-26 04:43:19
(1 month ago)
Web scraping
Bad Web Bot
๐ณ๐ฑ
homeshowdomain.nl
2025-11-25 23:03:37
(7 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-11-24.
show less
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2025-11-24 09:44:02
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:43:46.038010 2025] [security2:error] [pid 30628:tid 30628] [client 217.156.56.50:55917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.thendco.com"] [uri "/.env"] [unique_id "aSQo0hWTlnipJeyMmjKbpQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 09:27:23
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:27:06.924885 2025] [security2:error] [pid 836:tid 836] [client 217.156.56.50:5279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.concreting.net"] [uri "/.env"] [unique_id "aSQk6uL0NzPF_WJEq14BZQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 09:04:25
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 04:04:11.658014 2025] [security2:error] [pid 24626:tid 24626] [client 217.156.56.50:36589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.vitess.com"] [uri "/.env"] [unique_id "aSQfi7NK0oOdiimmBo-q-AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:40:14
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:39:56.913812 2025] [security2:error] [pid 13205:tid 13205] [client 217.156.56.50:4313] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thongtracker.com"] [uri "/.svn/wc.db"] [unique_id "aSQZ3HjwHx4EzP01VbDlrgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-11-24 08:38:53
(7 months ago)
Probing to gain illegal access
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:16:02
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:15:46.043403 2025] [security2:error] [pid 12102:tid 12107] [client 217.156.56.50:41305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.beelineproductions.com"] [uri "/.git/HEAD"] [unique_id "aSQUMvW9q1mxetu5lC-g6wAAAIE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-11-24 08:00:51
(7 months ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 08:00:41
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:00:20.825350 2025] [security2:error] [pid 24009:tid 24009] [client 217.156.56.50:21573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.arnoldwell.com"] [uri "/.svn/wc.db"] [unique_id "aSQQlNyUTpL3KTa6SZVUBAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 07:31:16
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:30:59.848632 2025] [security2:error] [pid 13404:tid 13404] [client 217.156.56.50:45083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.interiorsolutions-stuart.com"] [uri "/.env"] [unique_id "aSQJs4Hgd3WUkg4nrCYy3wAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 07:13:44
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:13:30.176218 2025] [security2:error] [pid 28724:tid 28724] [client 217.156.56.50:12921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.furballaudio.com"] [uri "/.env"] [unique_id "aSQFmgtgOxv_9PZyaL2NQgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 06:53:45
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:53:31.180457 2025] [security2:error] [pid 27405:tid 27405] [client 217.156.56.50:27445] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.broadcastmonitor.net"] [uri "/.svn/wc.db"] [unique_id "aSQA67bI426nx-qrpoIVYAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 06:35:48
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:35:28.733892 2025] [security2:error] [pid 27621:tid 27621] [client 217.156.56.50:43955] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.inversionestalarame.com"] [uri "/.env"] [unique_id "aSP8sPKFI31LoZLmhjuo9AAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 06:00:14
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 217.156.56.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:59:51.932803 2025] [security2:error] [pid 29702:tid 29702] [client 217.156.56.50:53309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.mgtofficial.com"] [uri "/.git/HEAD"] [unique_id "aSP0V-wcIowEXwqxeYm_YQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack