๐ณ๐ฑ
homeshowdomain.nl
2026-06-16 22:03:45
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15.
show less
Web App Attack
SSH
Hacking
๐ฌ๐ง
openstrike.co.uk
2026-06-16 05:15:25
(2 weeks ago)
9 attacks on env grabbing URLs:
GET /.env HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-15 20:15:43
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2407:3640:2267:8707::1 (vmi2678707.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2407:3640:2267:8707::1 (vmi2678707.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 16:15:35.781651 2026] [security2:error] [pid 848:tid 848] [client 2407:3640:2267:8707::1:43164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "roguetechhub.com"] [uri "/app/.env"] [unique_id "ajBdZ8FmIWKnvb_9VhKT4QAAAGQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-06-15 18:47:27
(2 weeks ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
Anonymous
2026-06-15 18:07:56
(2 weeks ago)
(apache-useragents) Failed apache-useragents trigger with match [Go-http-client/1.1] from 2407:3640: ...
show more
(apache-useragents) Failed apache-useragents trigger with match [Go-http-client/1.1] from 2407:3640:2267:8707::1 (vmi2678707.contaboserver.net): 5 in the last 300 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2407:3640:2267:8707::1 - - [15/Jun/2026:20:07:52 +0200] "GET /api/.env HTTP/1.1" 403 405 "-" "Go-http-client/1.1"
2407:3640:2267:8707::1 - - [15/Jun/2026:20:07:52 +0200] "GET /.env HTTP/1.1" 403 405 "-" "Go-http-client/1.1"
2407:3640:2267:8707::1 - - [15/Jun/2026:20:07:52 +0200] "GET /app/.env HTTP/1.1" 403 405 "-" "Go-http-client/1.1"
2407:3640:2267:8707::1 - - [15/Jun/2026:20:07:52 +0200] "GET /.env HTTP/1.1" 403 3515 "-" "Go-http-client/1.1"
2407:3640:2267:8707::1 - - [15/Jun/2026:20:07:52 +0200] "GET /app/.env HTTP/1.1" 403 3515 "-" "Go-http-client/1.1"
show less
Port Scan
๐ฉ๐ช
XICTRON
2026-06-15 18:00:07
(2 weeks ago)
ModSecurity rule violation detected by Fail2Ban
Web App Attack
๐ซ๐ฎ
stinpriza
2026-06-15 17:19:18
(2 weeks ago)
Web App Attack
Web App Attack
๐ฉ๐ช
Viveronese
2026-06-15 17:09:28
(2 weeks ago)
HTTP vulnerability scanning
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 14:36:38
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2407:3640:2267:8707::1 (vmi2678707.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2407:3640:2267:8707::1 (vmi2678707.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 10:36:35.378627 2026] [security2:error] [pid 27390:tid 27390] [client 2407:3640:2267:8707::1:34168] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evolutionmedical.help"] [uri "/.env"] [unique_id "ajAN8xABz4d-FQAJObQUrwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 13:54:58
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2407:3640:2267:8707::1 (vmi2678707.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2407:3640:2267:8707::1 (vmi2678707.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 09:54:51.131570 2026] [security2:error] [pid 21268:tid 21268] [client 2407:3640:2267:8707::1:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nyemdr.com"] [uri "/.env"] [unique_id "ajAEK2yKb4Q5fU04NS_yGgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 13:32:31
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2407:3640:2267:8707::1 (vmi2678707.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2407:3640:2267:8707::1 (vmi2678707.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 09:32:23.901914 2026] [security2:error] [pid 12168:tid 12168] [client 2407:3640:2267:8707::1:47848] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hollistercomputer.com"] [uri "/api/.env"] [unique_id "ai_-50naCIkcQn7d-7vkoQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
BlueWire Hosting
2026-06-15 12:18:23
(2 weeks ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
๐ณ๐ฑ
e.fierstra
2026-06-15 12:00:37
(2 weeks ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 11:35:09
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2407:3640:2267:8707::1 (vmi2678707.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2407:3640:2267:8707::1 (vmi2678707.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 07:35:02.586698 2026] [security2:error] [pid 21888:tid 21888] [client 2407:3640:2267:8707::1:41970] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "joebankx.com"] [uri "/api/.env"] [unique_id "ai_jZhheRlivgOSCoeDQVgAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
Anytech
2026-06-15 11:34:40
(2 weeks ago)
Blocked by Conn-Monitor: Automated bot activity
Web App Attack