๐ณ๐ฑ
homeshowdomain.nl
2026-07-02 21:59:17
(2 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-01.
show less
Web App Attack
SSH
Hacking
๐ฉ๐ช
ger-stg-sifi1
2026-07-01 19:23:19
(3 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ซ๐ท
debaba
2026-07-01 18:01:09
(3 days ago)
[01/Jul/2026:18:01:06.316650 +0000] akVV4Vx_TYUKz77H29js4wAAAAQ 2a04:c300:400::12d 43576 127.0.0.1 7 ...
show more
[01/Jul/2026:18:01:06.316650 +0000] akVV4Vx_TYUKz77H29js4wAAAAQ 2a04:c300:400::12d 43576 127.0.0.1 7081
[01/Jul/2026:18:01:08.269742 +0000] akVV4lx_TY
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 17:52:14
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 13:52:09.536011 2026] [security2:error] [pid 16563:tid 16563] [client 2a04:c300:400::12d:23388] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.reimaginingchess.com"] [uri "/.env"] [unique_id "akVTyb6JeYasWBJs_HyQUwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 17:33:23
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 13:33:18.327015 2026] [security2:error] [pid 30718:tid 30718] [client 2a04:c300:400::12d:12030] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.wickliffehof.org"] [uri "/.env.local"] [unique_id "akVPXgOU8xOFq-O5KZs6sgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 16:30:01
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 12:29:54.892827 2026] [security2:error] [pid 17399:tid 17399] [client 2a04:c300:400::12d:5724] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.pozzolan.org"] [uri "/.env"] [unique_id "akVAgidJJIiLqW_z2XBNYQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 16:08:47
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 12:08:44.184043 2026] [security2:error] [pid 29391:tid 29391] [client 2a04:c300:400::12d:52816] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.delucchi.net"] [uri "/api/.env"] [unique_id "akU7jGuJKBT_c6egU5yK0AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 15:49:26
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 11:49:22.510228 2026] [security2:error] [pid 23892:tid 23892] [client 2a04:c300:400::12d:58142] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "statebeach.org.mrcd.org"] [uri "/.env"] [unique_id "akU3AqvYmb20qjZSVpunfgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 15:19:55
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 11:19:48.746686 2026] [security2:error] [pid 15709:tid 15709] [client 2a04:c300:400::12d:26644] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.patanthony.com"] [uri "/.env"] [unique_id "akUwFOPOXJud2XoZ9usWOwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 15:00:49
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 11:00:42.709956 2026] [security2:error] [pid 8963:tid 8963] [client 2a04:c300:400::12d:25224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.comobarbershop.com"] [uri "/app/.env"] [unique_id "akUrmnaxHfX9SD6ayATpRAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 14:42:54
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 10:42:47.222972 2026] [security2:error] [pid 18466:tid 18466] [client 2a04:c300:400::12d:54158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.santurri.net"] [uri "/.env.production"] [unique_id "akUnZ1JmkdREfLPAJURPcQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 14:17:40
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 10:17:36.084264 2026] [security2:error] [pid 15879:tid 15879] [client 2a04:c300:400::12d:60968] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.goodideagirl.com"] [uri "/.env"] [unique_id "akUhgFzn0Y7HEv3FeBjz5wAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-01 14:03:18
(3 days ago)
[WedJul0116:03:14.9729762026][security2:error][pid1637572:tid1637637][client2a04:c300:400::12d:0]Mod ...
show more
[WedJul0116:03:14.9729762026][security2:error][pid1637572:tid1637637][client2a04:c300:400::12d:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"prstartup.ch\"][uri\"/backend/.env\"][unique_id\"akUeIo9417owC5n1LEqEjQAAAIA\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 13:49:04
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:48:56.418964 2026] [security2:error] [pid 27014:tid 27014] [client 2a04:c300:400::12d:36802] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.terrybeachmusic.com"] [uri "/.env"] [unique_id "akUayOpHTEC1-yy8KkZIMAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 12:39:00
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::12d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 08:38:55.202534 2026] [security2:error] [pid 13438:tid 13460] [client 2a04:c300:400::12d:2974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.peapage.productions"] [uri "/.env"] [unique_id "akUKX0uOGtHjN3OA0_htoAAAAJM"]
show less
Brute-Force
Bad Web Bot
Web App Attack