๐ณ๐ฑ
homeshowdomain.nl
2026-06-08 21:59:04
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07.
show less
Web App Attack
SSH
Hacking
๐ฌ๐ง
openstrike.co.uk
2026-06-08 05:13:38
(3 weeks ago)
24 attacks on env grabbing URLs:
GET /api/.env HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 01:27:56
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:27:48.977864 2026] [security2:error] [pid 19436:tid 19436] [client 2a02:4780:11:769:0:33f4:47e:1:36794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sutherlandyogastudio.com"] [uri "/admin/.env"] [unique_id "aiYalGB0DnydE-2p9kmIYgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 23:59:06
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:59:02.716830 2026] [security2:error] [pid 25101:tid 25101] [client 2a02:4780:11:769:0:33f4:47e:1:27308] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "insidepublications.com"] [uri "/api/.env.save"] [unique_id "aiYFxgtgtrrALYFSTZr3RwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-07 23:22:53
(3 weeks ago)
"GET /admin/.env HTTP/1.1"
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 20:48:28
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:48:26.019712 2026] [security2:error] [pid 25253:tid 25253] [client 2a02:4780:11:769:0:33f4:47e:1:23188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seacorre.de"] [uri "/admin/.env"] [unique_id "aiXZGunb1HYTp3gNY_51XgAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 20:23:53
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:23:47.708072 2026] [security2:error] [pid 29111:tid 29111] [client 2a02:4780:11:769:0:33f4:47e:1:59944] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eantonie.com"] [uri "/.env.save"] [unique_id "aiXTU3meLQdMFxJ_KB9eZAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-06-07 20:16:33
(3 weeks ago)
[SunJun0722:16:27.1895752026][security2:error][pid114733:tid114860][client2a02:4780:11:769:0:33f4:47 ...
show more
[SunJun0722:16:27.1895752026][security2:error][pid114733:tid114860][client2a02:4780:11:769:0:33f4:47e:1:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"maxay.ch\"][uri\"/backend/.env\"][unique_id\"aiXRm7s6lAAfWaEoxLCBsgAAAQ0\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 18:58:17
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 14:58:09.429455 2026] [security2:error] [pid 27104:tid 27104] [client 2a02:4780:11:769:0:33f4:47e:1:17192] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swindon-itf.com"] [uri "/dev/.env"] [unique_id "aiW_QYxNWZOomjPvpDctMgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 17:16:36
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 13:16:32.769333 2026] [security2:error] [pid 25592:tid 25592] [client 2a02:4780:11:769:0:33f4:47e:1:43398] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rddeckerphotography.com"] [uri "/app/.env"] [unique_id "aiWncMy6R6yIvMXQUs1g4AAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 16:52:41
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:52:34.777235 2026] [security2:error] [pid 32655:tid 32655] [client 2a02:4780:11:769:0:33f4:47e:1:41116] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "centreguephel.org"] [uri "/core/.env"] [unique_id "aiWh0ugl2_LvhHLMe3vmIgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 16:26:45
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:26:42.411750 2026] [security2:error] [pid 31572:tid 31572] [client 2a02:4780:11:769:0:33f4:47e:1:17454] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "serpentstudios.com"] [uri "/api/.env"] [unique_id "aiWbwuWFQv5skTCTzDZNDgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 14:49:43
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 10:49:37.917281 2026] [security2:error] [pid 5429:tid 5429] [client 2a02:4780:11:769:0:33f4:47e:1:47124] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sydneysue.com"] [uri "/admin/.env"] [unique_id "aiWFAUQFkJ1NlaSDKHICDgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
ciccio diddo
2026-06-07 14:42:54
(3 weeks ago)
CMS/WP Exploit multiple 404 port:Tcp/80,443
Brute-Force
Web App Attack
๐ณ๐ฑ
sernate
2026-06-07 12:26:06
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 10 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:769:0:33f4:47e:1 (Unknown): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC
show less
Brute-Force