๐ณ๐ฑ
homeshowdomain.nl
2026-07-07 21:59:38
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-06.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-07 03:20:16
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 23:20:08.567647 2026] [security2:error] [pid 8770:tid 8770] [client 2a04:c300:400::161:17458] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fluff3.instagenii.com"] [uri "/.env.production"] [unique_id "akxwaEbgu5fLu1xL6M5lSQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 02:27:09
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 22:27:02.098306 2026] [security2:error] [pid 11744:tid 11744] [client 2a04:c300:400::161:54072] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.richmondrents.com"] [uri "/.env"] [unique_id "akxj9pIJCh3C6kcvw6PX4gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 01:05:26
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 21:05:19.908956 2026] [security2:error] [pid 7288:tid 7288] [client 2a04:c300:400::161:61666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.helstone.com"] [uri "/.env"] [unique_id "akxQz15HO45YlNtgmnCwBwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 00:47:15
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 20:47:07.818529 2026] [security2:error] [pid 11507:tid 11507] [client 2a04:c300:400::161:44494] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lastreetsbykarensperling.com"] [uri "/.env"] [unique_id "akxMiwg7V2FoJX29781tewAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 23:54:18
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 19:54:12.261196 2026] [security2:error] [pid 16449:tid 16449] [client 2a04:c300:400::161:61140] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.tdj.me"] [uri "/.env"] [unique_id "akxAJMREIk_ppgwjrTw6MgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 22:13:35
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 18:13:31.159489 2026] [security2:error] [pid 5536:tid 5536] [client 2a04:c300:400::161:44912] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.thesteeldrumman.com"] [uri "/.env.backup"] [unique_id "akwoi5fXTjDhst0GJKxJ8wAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 21:39:43
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 17:39:38.241233 2026] [security2:error] [pid 26159:tid 26159] [client 2a04:c300:400::161:19968] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.rocketcityhotwheelers.com"] [uri "/.env"] [unique_id "akwgmnLJ2BWodi0OJWTqsQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-07-06 21:34:15
(2 days ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 21:21:03
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 17:20:57.695716 2026] [security2:error] [pid 715:tid 718] [client 2a04:c300:400::161:29944] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.aliqsha.com"] [uri "/.env.old"] [unique_id "akwcOUeJIZwWrtZEIeghngAAAEE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-07-06 20:42:14
(2 days ago)
(modsecurity) srv102 ModSecurity 2a04:c300:400::161 (US/United States/-): 10 in the last 3600 secs; ...
show more
(modsecurity) srv102 ModSecurity 2a04:c300:400::161 (US/United States/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 20:39:29
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 16:39:25.353076 2026] [security2:error] [pid 23505:tid 23505] [client 2a04:c300:400::161:61308] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.thescarfcompany.com"] [uri "/.env"] [unique_id "akwSfblwNBcgwWtEvkC7OQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 20:21:49
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 16:21:44.930683 2026] [security2:error] [pid 21231:tid 21231] [client 2a04:c300:400::161:55086] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.xygil.com"] [uri "/.env"] [unique_id "akwOWACFYfsoZ8_mwwg_JQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 20:06:15
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 16:06:12.044248 2026] [security2:error] [pid 5968:tid 5968] [client 2a04:c300:400::161:53582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "notariarivera.tecnoconce.com"] [uri "/.env"] [unique_id "akwKtHvq1I1mGPJhb4nsQgAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 19:32:40
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::161 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 15:32:33.052863 2026] [security2:error] [pid 3716:tid 3716] [client 2a04:c300:400::161:30224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.austinbiblestudents.org"] [uri "/.env"] [unique_id "akwC0WHORWFhtUm9ZhDnbQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack