๐ณ๐ฑ
homeshowdomain.nl
2026-06-17 22:00:58
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-16.
show less
Web App Attack
SSH
Hacking
Anonymous
2026-06-15 02:00:06
(2 weeks ago)
| Multiple common web attacks from same source ip. (multiple servers)
Web App Attack
Hacking
SQL Injection
๐ฉ๐ช
sato
2025-08-02 04:33:30
(11 months ago)
(mod_security) mod_security triggered on hostname [redacted] 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 ( ...
show more
(mod_security) mod_security triggered on hostname [redacted] 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2025-04-28 17:30:56
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown) ...
show more
(mod_security) mod_security (id:210730) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 28 13:30:52.671172 2025] [security2:error] [pid 3950982:tid 3950982] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4:43666] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||harry18.cc|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "harry18.cc"] [uri "/wp-content/debug.log"] [unique_id "aA-7TMqP7ZFkNpXw_ldsCwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-27 11:16:13
(1 year ago)
(mod_security) mod_security (id:240335) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown) ...
show more
(mod_security) mod_security (id:240335) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 27 07:16:08.284874 2025] [security2:error] [pid 4945:tid 4945] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4:17114] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 31.32.161.184 (0+1 hits since last alert)|pixacast.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pixacast.com"] [uri "/xmlrpc.php"] [unique_id "aA4R-ObBmQOU9MIHMhduRgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-19 23:51:11
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown) ...
show more
(mod_security) mod_security (id:210730) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 19 19:51:07.041272 2025] [security2:error] [pid 1797524:tid 1797524] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4:54352] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||ipv6.pmg-lot.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ipv6.pmg-lot.com"] [uri "/var/log/system.log"] [unique_id "Z9tYa8aMN_zhD7c7EHW1zgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-09 17:00:06
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown) ...
show more
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 09 12:59:58.765586 2025] [security2:error] [pid 2496495:tid 2496495] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4:35724] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.hondabvi.com"] [uri "/kyc/.env"] [unique_id "Z83JDhoDXsm5cisXIeOgaAAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-02-22 21:43:19
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown) ...
show more
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 22 16:43:15.153467 2025] [security2:error] [pid 28628:tid 28628] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4:48232] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.pmg-brightme.com"] [uri "/challenges/.env"] [unique_id "Z7pE8461CvLVTpsWMbAgTwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-02-21 19:39:22
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown) ...
show more
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 21 14:39:15.360875 2025] [security2:error] [pid 27230:tid 27230] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4:27966] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "redish.org"] [uri "/main/.env"] [unique_id "Z7jWYz8xmwo_Ydpjy568_QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-02-21 02:20:26
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown) ...
show more
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 20 21:20:17.635006 2025] [security2:error] [pid 9598:tid 9598] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4:35888] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.swarnar.com"] [uri "/:443/.env"] [unique_id "Z7fi4ZSFuYQ3SacPYGT7GgAAAFQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-01-24 00:02:13
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown) ...
show more
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 23 19:02:09.936936 2025] [security2:error] [pid 11611:tid 11611] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4:65178] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ard.global"] [uri "/new/.env"] [unique_id "Z5LYgUVVlvBE_C3iOef4iwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-01-20 16:17:56
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown) ...
show more
(mod_security) mod_security (id:210492) triggered by 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 20 11:17:51.708810 2025] [security2:error] [pid 7469:tid 7469] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4:9926] [client 2400:cb00:532:1000:ebc1:8cf2:3ea:dff4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globetechsecurities.com"] [uri "/sftp-config.json"] [unique_id "Z453L8oqC3KLXmv11MvbOgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฏ๐ต
S.O.B.A. Dev.
2024-11-12 21:10:37
(1 year ago)
Persistent port scanning or vulnerability scanning
Port Scan