๐ณ๐ฑ
homeshowdomain.nl
2026-07-04 22:00:24
(3 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-03.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-04 05:21:37
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 01:21:30.825400 2026] [security2:error] [pid 29369:tid 29369] [client 2a09:bac5:280a:248c::3a4:1f:14890] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.normsrotorservice.com"] [uri "/.env"] [unique_id "akiYWkhYHhNhPwVX6MXsDQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
interbiznw.com
2026-07-04 03:38:37
(3 days ago)
malicious-web-requests-vulnerability-scanning
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ซ๐ท
Baking333
2026-07-04 02:06:49
(3 days ago)
[redacted] 2a09:bac5:280a:248c::3a4:1f - - [04/Jul/2026:03:06:47 +0100] "GET /.git/logs/HEAD HTTP/2. ...
show more
[redacted] 2a09:bac5:280a:248c::3a4:1f - - [04/Jul/2026:03:06:47 +0100] "GET /.git/logs/HEAD HTTP/2.0" 301 177 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" [redacted] 2a09:bac5:280a:248c::3a4:1f - - [04/Jul/2026:03:06:47 +0100] "GET /.git/config HTTP/2.0" 301 152 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15"
show less
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-04 01:42:45
(4 days ago)
174 requests with url.path *credentials.json
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-04 01:33:40
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 21:33:33.399949 2026] [security2:error] [pid 19570:tid 19570] [client 2a09:bac5:280a:248c::3a4:1f:56988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.dshgraphics.com"] [uri "/.env"] [unique_id "akhi7clXd4Mw2HJWmME1swAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 00:06:59
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:06:51.993078 2026] [security2:error] [pid 21517:tid 21517] [client 2a09:bac5:280a:248c::3a4:1f:27488] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.westerncarolinabass.org"] [uri "/app/.env"] [unique_id "akhOm9JY2USSL5yT1hkQngAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 22:17:20
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:17:16.128683 2026] [security2:error] [pid 19379:tid 19396] [client 2a09:bac5:280a:248c::3a4:1f:46718] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.test.myrasnyder.com"] [uri "/.env"] [unique_id "akg07LkfyOzz6KRVngN1SAAAAM0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 17:42:00
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 13:41:54.681110 2026] [security2:error] [pid 23243:tid 23257] [client 2a09:bac5:280a:248c::3a4:1f:65248] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "possibilitywhisperer.teritemme.com"] [uri "/app/.env"] [unique_id "akf0YjSqiz-J35GzoYMhUQAAAgs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 12:21:46
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 08:21:39.553826 2026] [security2:error] [pid 22996:tid 22996] [client 2a09:bac5:280a:248c::3a4:1f:32712] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.parkhan.com"] [uri "/.env"] [unique_id "akepU6qdG5GM9kdVRn_u1AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:19:14
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:19:09.568895 2026] [security2:error] [pid 7824:tid 7824] [client 2a09:bac5:280a:248c::3a4:1f:45234] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hayatmotifi.com.kircali.net"] [uri "/.env.staging"] [unique_id "akearbXSlNxgxZEikWI36QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
venus.launch.bz
2026-07-03 09:29:42
(4 days ago)
(mod_security) mod_security triggered on hostname [redacted] 2a09:bac5:280a:248c::3a4:1f (Unknown)
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-03 08:14:31
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:14:23.341415 2026] [security2:error] [pid 12364:tid 12364] [client 2a09:bac5:280a:248c::3a4:1f:59200] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "isyourcorporationsafe.com.alanmariotti.com"] [uri "/.git/HEAD"] [unique_id "akdvX-KmfH23yNZtYru3GQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 06:58:05
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:280a:248c::3a4:1f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 02:57:59.217813 2026] [security2:error] [pid 13051:tid 13051] [client 2a09:bac5:280a:248c::3a4:1f:14128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.newlife.org.au"] [uri "/.env"] [unique_id "akddd4rcTj3gMLdgITMbRQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-03 05:10:06
(4 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack