๐ณ๐ฑ
homeshowdomain.nl
2026-06-08 22:00:37
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 11:52:53
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 07:52:50.382463 2026] [security2:error] [pid 7501:tid 7501] [client 2a02:4780:11:1840:0:c43:f67e:1:34686] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yareblooms.click"] [uri "/members/.env"] [unique_id "aiatEloabnzGHUR8-Sb78AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
dklueh79
2026-06-08 08:33:25
(3 weeks ago)
Probe for vulnerabilities. Path attempted: /.env.save
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-08 07:59:36
(3 weeks ago)
Try to access /dev/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 07:19:00
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:18:52.892749 2026] [security2:error] [pid 19940:tid 19940] [client 2a02:4780:11:1840:0:c43:f67e:1:34812] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wellness-mastery.com"] [uri "/dev/.env"] [unique_id "aiZs3JTUfwQqIleXcK8L8AAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 06:32:14
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:32:11.392360 2026] [security2:error] [pid 24507:tid 24507] [client 2a02:4780:11:1840:0:c43:f67e:1:64604] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cms2020.com"] [uri "/members/.env"] [unique_id "aiZh6xXBqrvUDE_LtT2A_AAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 06:11:25
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:11:20.463721 2026] [security2:error] [pid 26900:tid 26900] [client 2a02:4780:11:1840:0:c43:f67e:1:18664] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carlgrauelcsw.com"] [uri "/laravel/.env"] [unique_id "aiZdCNnX5bG01hbEIqY1mwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 05:17:30
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:17:24.531335 2026] [security2:error] [pid 22091:tid 22091] [client 2a02:4780:11:1840:0:c43:f67e:1:52284] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hilltopfound.com"] [uri "/backend/.env"] [unique_id "aiZQZCHBBlHOFLw5sx8xsgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 02:53:59
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:53:53.620239 2026] [security2:error] [pid 17093:tid 17093] [client 2a02:4780:11:1840:0:c43:f67e:1:52256] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kriske.com"] [uri "/dev/.env"] [unique_id "aiYuwfe9N2x0hIMKQRcFbQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 23:51:43
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:51:40.390971 2026] [security2:error] [pid 26730:tid 26730] [client 2a02:4780:11:1840:0:c43:f67e:1:35888] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "warpspeed7.com"] [uri "/app/.env"] [unique_id "aiYEDEaPtiJ8_Jh2CfSZZAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 21:36:21
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:36:14.264122 2026] [security2:error] [pid 11403:tid 11403] [client 2a02:4780:11:1840:0:c43:f67e:1:31844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mewebdesign.com"] [uri "/api/.env.save"] [unique_id "aiXkTiPxPHw8-WgRC10gvAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 21:20:42
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:20:37.510769 2026] [security2:error] [pid 4595:tid 4595] [client 2a02:4780:11:1840:0:c43:f67e:1:40466] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "giveorcas.org"] [uri "/backend/.env"] [unique_id "aiXgpUNdKRXSyK9Y7DwAXQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 16:41:34
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1840:0:c43:f67e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:41:26.907299 2026] [security2:error] [pid 23573:tid 23580] [client 2a02:4780:11:1840:0:c43:f67e:1:57630] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "danelandia.com"] [uri "/admin/.env"] [unique_id "aiWfNrwzlFZDk_erQsUD9AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
nfsec.pl
2026-06-07 16:03:24
(3 weeks ago)
2a02:4780:11:1840:0:c43:f67e:1 - - [07/Jun/2026:16:03:23 +0000] "GET /members/.env HTTP/1.1" 403 807 ...
show more
2a02:4780:11:1840:0:c43:f67e:1 - - [07/Jun/2026:16:03:23 +0000] "GET /members/.env HTTP/1.1" 403 8071 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
2a02:4780:11:1840:0:c43:f67e:1 - - [07/Jun/2026:16:03:23 +0000] "GET /laravel/.env HTTP/1.1" 403 8070 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
2a02:4780:11:1840:0:c43:f67e:1 - - [07/Jun/2026:16:03:23 +0000] "GET /app/.env HTTP/1.1" 403 8071 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
2a02:4780:11:1840:0:c43:f67e:1 - - [07/Jun/2026:16:03:23 +0000] "GET /admin/.env HTTP/1.1" 403 8071 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
2a02:4780:11:1840:0:c43:f67e:1 - - [07/Jun/2026:16:03:23 +0000] "GET /api/.env.save HT
...
show less
Web App Attack
Exploited Host
๐บ๐ธ
WizardsToolkit
2026-06-07 15:34:37
(3 weeks ago)
attempted to access /dev/.env
Web App Attack