๐ณ๐ฑ
homeshowdomain.nl
2026-06-08 21:59:10
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 05:15:09
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:15:03.752146 2026] [security2:error] [pid 15849:tid 15849] [client 2a02:4780:11:1980:0:3ae2:cfdb:1:42298] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lovelybeyondwords.com"] [uri "/core/.env.save"] [unique_id "aiZP1yo_bw92Rtbc8zq9CAAAADs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-06-08 05:13:31
(3 weeks ago)
24 attacks on env grabbing URLs:
GET /backend/.env HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 03:22:29
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 23:22:24.808661 2026] [security2:error] [pid 9513:tid 9513] [client 2a02:4780:11:1980:0:3ae2:cfdb:1:48906] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stapleton.productions"] [uri "/backend/.env"] [unique_id "aiY1cFblzAESz1UUrvpG4gAAAF0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
tall1oN
2026-06-08 02:30:15
(3 weeks ago)
2a02:4780:11:1980:0:3ae2:cfdb:1 - - [08/Jun/2026:04:30:15 +0200] "GET /backend/.env HTTP/2.0" 206 40 ...
show more
2a02:4780:11:1980:0:3ae2:cfdb:1 - - [08/Jun/2026:04:30:15 +0200] "GET /backend/.env HTTP/2.0" 206 4001 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" "tallion.de"
2a02:4780:11:1980:0:3ae2:cfdb:1 - - [08/Jun/2026:04:30:15 +0200] "GET /.env.save HTTP/2.0" 206 4001 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" "tallion.de"
...
show less
Web App Attack
Port Scan
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 01:53:41
(3 weeks ago)
(mod_security) mod_security (id:949110) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:949110) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:53:35.842861 2026] [security2:error] [pid 31578:tid 31578] [client 2a02:4780:11:1980:0:3ae2:cfdb:1:18888] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "i-dataph.com"] [uri "/admin/.env"] [unique_id "aiYgn_Y3bTtAF743fUlvQgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
โจ
2026-06-08 01:18:18
(3 weeks ago)
Domain : jurassickitchens.co.uk
Rule : env
2026-06-08 01:15:57 2a00:5d80:7821:701::150 GET /laravel/ ...
show more
Domain : jurassickitchens.co.uk
Rule : env
2026-06-08 01:15:57 2a00:5d80:7821:701::150 GET /laravel/.env - 443 - 2a02:4780:11:1980:0:3ae2:cfdb:1 HTTP/1.1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36 - jurassickitchens.co.uk 404 0 64 0 235 13508 - -
show less
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-07 22:36:19
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:36:14.060791 2026] [security2:error] [pid 15498:tid 15498] [client 2a02:4780:11:1980:0:3ae2:cfdb:1:37588] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mkdesignndetailing.com"] [uri "/core/.env"] [unique_id "aiXyXjQ7mCswqi4ElI2KDAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-06-07 19:56:11
(3 weeks ago)
(modsecurity) srv102 ModSecurity 2a02:4780:11:1980:0:3ae2:cfdb:1 (IN/India/-): 10 in the last 3600 s ...
show more
(modsecurity) srv102 ModSecurity 2a02:4780:11:1980:0:3ae2:cfdb:1 (IN/India/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 18:57:09
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 14:57:03.755342 2026] [security2:error] [pid 9207:tid 9207] [client 2a02:4780:11:1980:0:3ae2:cfdb:1:48404] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cruisedawgs.com"] [uri "/admin/.env"] [unique_id "aiW-__KpRpTYpbPaZemkrwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 18:41:13
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 14:41:06.404079 2026] [security2:error] [pid 27326:tid 27326] [client 2a02:4780:11:1980:0:3ae2:cfdb:1:46586] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "accomplishedmagazine.com"] [uri "/.env"] [unique_id "aiW7Qo5mZTLtfflAIbhBAwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 15:37:01
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 11:36:55.179672 2026] [security2:error] [pid 28633:tid 28633] [client 2a02:4780:11:1980:0:3ae2:cfdb:1:63716] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidsonmanagement.net"] [uri "/members/.env"] [unique_id "aiWQF9-1nE0ZaCDhywaJMQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 15:13:44
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 11:13:36.635991 2026] [security2:error] [pid 22523:tid 22523] [client 2a02:4780:11:1980:0:3ae2:cfdb:1:59312] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nickersoncarpentry.com"] [uri "/admin/.env"] [unique_id "aiWKoDPfkpWQn04vhe_aWwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 13:48:04
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 09:47:56.035355 2026] [security2:error] [pid 14043:tid 14043] [client 2a02:4780:11:1980:0:3ae2:cfdb:1:64168] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "laminasdominicanas.com"] [uri "/api/.env"] [unique_id "aiV2jGbmaanoFa0w77FHRgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 12:22:40
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1980:0:3ae2:cfdb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 08:22:35.078133 2026] [security2:error] [pid 30301:tid 30301] [client 2a02:4780:11:1980:0:3ae2:cfdb:1:33608] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "garanta.co"] [uri "/dev/.env"] [unique_id "aiViiw7jTFzmWvtifUQiJwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack