๐ณ๐ฑ
homeshowdomain.nl
2026-06-08 21:59:29
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-07 14:20:07
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 10:20:03.915037 2026] [security2:error] [pid 30642:tid 30642] [client 2a02:4780:11:2245:0:15dc:6e6b:1:60908] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cometoorderva.com"] [uri "/backend/.env"] [unique_id "aiV-E6FZjSiuwP6NEJyXyAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 12:14:46
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 08:14:43.394921 2026] [security2:error] [pid 31496:tid 31496] [client 2a02:4780:11:2245:0:15dc:6e6b:1:36330] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "xplustchad.com"] [uri "/admin/.env"] [unique_id "aiVgs7W5TGthZlsBRtD9dwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 11:29:06
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 07:29:02.990409 2026] [security2:error] [pid 964:tid 1094] [client 2a02:4780:11:2245:0:15dc:6e6b:1:49656] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bougie-bengals.com"] [uri "/backend/.env"] [unique_id "aiVV_rU-uRyZDV-KCwGn2wAAAM8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 07:58:57
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 03:58:51.837132 2026] [security2:error] [pid 31838:tid 31935] [client 2a02:4780:11:2245:0:15dc:6e6b:1:49344] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bocsite.com"] [uri "/api/.env.save"] [unique_id "aiUku-nPdjozjiL3svO1-AAAAQA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 05:21:26
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 01:21:19.696720 2026] [security2:error] [pid 25303:tid 25303] [client 2a02:4780:11:2245:0:15dc:6e6b:1:53354] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "novavistafoundation.org"] [uri "/backend/.env"] [unique_id "aiT_z6B5Ej6GZaxghJPKFgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-06-07 05:13:22
(4 weeks ago)
12 attacks on env grabbing URLs:
GET /app/.env HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-07 04:24:03
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 00:23:56.240906 2026] [security2:error] [pid 17397:tid 17397] [client 2a02:4780:11:2245:0:15dc:6e6b:1:37992] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elgar.us"] [uri "/core/.env"] [unique_id "aiTyXNcW8KoPO92CE8jceQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
LotPhantom
2026-06-07 04:06:41
(4 weeks ago)
2026/06/07 04:06:41 [error] 46371#46371: *60687 access forbidden by rule, client: 2a02:4780:11:2245: ...
show more
2026/06/07 04:06:41 [error] 46371#46371: *60687 access forbidden by rule, client: 2a02:4780:11:2245:0:15dc:6e6b:1, server: wynnesmiles.com, request: "GET /admin/.env HTTP/1.1", host: "wynnesmiles.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 03:41:51
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 23:41:48.554914 2026] [security2:error] [pid 8296:tid 8296] [client 2a02:4780:11:2245:0:15dc:6e6b:1:42308] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ronniejohnson.net"] [uri "/backend/.env"] [unique_id "aiTofALg9Z3OJ9KIhoIJIAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 01:51:56
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 21:51:51.723864 2026] [security2:error] [pid 9759:tid 9759] [client 2a02:4780:11:2245:0:15dc:6e6b:1:49756] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robslasercreations.com"] [uri "/dev/.env"] [unique_id "aiTOt6qRgyQCv0g6PRTRZQAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
XICTRON
2026-06-07 01:20:05
(4 weeks ago)
ModSecurity rule violation detected by Fail2Ban
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 01:04:41
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 21:04:37.871001 2026] [security2:error] [pid 31523:tid 31523] [client 2a02:4780:11:2245:0:15dc:6e6b:1:55852] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "advmach.com"] [uri "/app/.env"] [unique_id "aiTDpa--Gh60iXYz0bKW6AAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 00:15:06
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:2245:0:15dc:6e6b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 20:15:00.114154 2026] [security2:error] [pid 4989:tid 4989] [client 2a02:4780:11:2245:0:15dc:6e6b:1:22580] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "niseigroup.com"] [uri "/dev/.env"] [unique_id "aiS4BLsl6xzIS_wE0CtwqgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-06-06 23:17:25
(4 weeks ago)
(modsecurity) srv102 ModSecurity 2a02:4780:11:2245:0:15dc:6e6b:1 (IN/India/-): 10 in the last 3600 s ...
show more
(modsecurity) srv102 ModSecurity 2a02:4780:11:2245:0:15dc:6e6b:1 (IN/India/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack