๐ฌ๐ง
openstrike.co.uk
2026-06-09 05:14:45
(3 weeks ago)
12 attacks on env grabbing URLs:
GET /.env HTTP/1.1
Hacking
๐ณ๐ฑ
homeshowdomain.nl
2026-06-08 21:59:38
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
chronos
2026-06-08 07:02:01
(3 weeks ago)
[AUTORAVALT][[08/06/2026 - 04:02:00 -03:00 UTC]
Attack from [2a02:4780:27:2003:0:bf7:89c5:1][;; comm ...
show more
[AUTORAVALT][[08/06/2026 - 04:02:00 -03:00 UTC]
Attack from [2a02:4780:27:2003:0:bf7:89c5:1][;; communications error to 127.0.0.53#53: timed out]
Action: BLocKed
Hacking... Unauthorized attempts to access the server.
Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum s]
...
show less
Hacking
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-06-08 07:00:35
(3 weeks ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 05:21:19
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:21:12.308366 2026] [security2:error] [pid 29611:tid 29611] [client 2a02:4780:27:2003:0:bf7:89c5:1:30240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shipthunder.com"] [uri "/api/.env.save"] [unique_id "aiZRSD6bszSnZVcmBVk8zwAAAHQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 04:49:45
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:49:37.685944 2026] [security2:error] [pid 25400:tid 25400] [client 2a02:4780:27:2003:0:bf7:89c5:1:43804] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lancehancock.com"] [uri "/core/.env"] [unique_id "aiZJ4Xb4bHGCHZHvbpK26wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 03:58:30
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 23:58:23.143036 2026] [security2:error] [pid 10836:tid 10890] [client 2a02:4780:27:2003:0:bf7:89c5:1:45610] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "secdc.org"] [uri "/.env"] [unique_id "aiY93ygnvhHg7I1NCmXEuAAAAJY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 03:39:31
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 23:39:27.331245 2026] [security2:error] [pid 13351:tid 13351] [client 2a02:4780:27:2003:0:bf7:89c5:1:26286] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hal.dance"] [uri "/.env.save"] [unique_id "aiY5bzTYzPK5nxwccKq36wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 02:08:58
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:08:51.980417 2026] [security2:error] [pid 22260:tid 22260] [client 2a02:4780:27:2003:0:bf7:89c5:1:33648] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carbonless.net"] [uri "/members/.env"] [unique_id "aiYkMw4x6Mm8_Qaz_q9OLgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-06-08 00:01:10
(3 weeks ago)
Environment file probe
Web App Attack
๐ฉ๐ช
roxyapi
2026-06-07 23:59:19
(3 weeks ago)
Honeypot: automated vulnerability scan / web app attack. Last probe: GET /api/.env
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-07 22:16:06
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:16:01.719185 2026] [security2:error] [pid 27343:tid 27343] [client 2a02:4780:27:2003:0:bf7:89c5:1:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswithcamerasmovie.com"] [uri "/admin/.env"] [unique_id "aiXtoXvtTqvVdDAV9NxF_AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐น
Renรฉ Hickersberger
2026-06-07 21:48:40
(3 weeks ago)
[2026-06-07T21:48:40Z] Malicious request to /members/.env
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 20:45:46
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:45:40.073371 2026] [security2:error] [pid 24189:tid 24189] [client 2a02:4780:27:2003:0:bf7:89c5:1:43638] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grabnerconsulting.com"] [uri "/core/.env.save"] [unique_id "aiXYdPw16u-lcWL6SBgZlgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 20:21:29
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:27:2003:0:bf7:89c5:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:21:22.034845 2026] [security2:error] [pid 12376:tid 12376] [client 2a02:4780:27:2003:0:bf7:89c5:1:59044] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "4dbm.com"] [uri "/api/.env"] [unique_id "aiXSwrgm3apx3OHa8i3HyAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack