๐บ๐ธ
technojoe99
2026-06-08 14:28:43
(3 weeks ago)
Exploit scan from 2a02:4780:3f:2124:0:7e0:2a7b:1. GET /admin/.env HTTP/1.1.
Web App Attack
๐จ๐ญ
YF
2026-06-08 13:05:12
(3 weeks ago)
404 errors Vulnerability scan
Web App Attack
๐ฉ๐ช
BlueWire Hosting
2026-06-08 10:29:27
(3 weeks ago)
Probing websites for vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 09:33:23
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 05:33:19.495616 2026] [security2:error] [pid 26211:tid 26211] [client 2a02:4780:3f:2124:0:7e0:2a7b:1:25546] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "frickandfracks.com"] [uri "/backend/.env"] [unique_id "aiaMX0M6quDzlR4Ptm1t5gAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-08 09:31:41
(3 weeks ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 08:11:30
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:11:24.155119 2026] [security2:error] [pid 8149:tid 8149] [client 2a02:4780:3f:2124:0:7e0:2a7b:1:57260] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glassclublake.com"] [uri "/dev/.env"] [unique_id "aiZ5LLmDO0JlZxI__7HSTgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-08 06:05:45
(3 weeks ago)
Try to access /api/.env
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-06-08 05:11:07
(3 weeks ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 04:05:53
(3 weeks ago)
(mod_security) mod_security (id:949110) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:949110) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:05:49.836943 2026] [security2:error] [pid 12725:tid 12725] [client 2a02:4780:3f:2124:0:7e0:2a7b:1:40186] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ugandaconnection.com"] [uri "/backend/.env"] [unique_id "aiY_nSzPwn5bF6ZMJ-D5tAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 23:15:57
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:15:54.691013 2026] [security2:error] [pid 14717:tid 14717] [client 2a02:4780:3f:2124:0:7e0:2a7b:1:38326] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kraftre.com"] [uri "/.env"] [unique_id "aiX7qp0GOpM5hmqQ8SV0SQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 22:56:23
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:56:16.409853 2026] [security2:error] [pid 12394:tid 12394] [client 2a02:4780:3f:2124:0:7e0:2a7b:1:28616] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tanny.com"] [uri "/.env"] [unique_id "aiX3ECn-bOxhy3X7W3AtMQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-07 22:06:43
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-06.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-07 19:21:22
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 15:21:15.991354 2026] [security2:error] [pid 1141:tid 1141] [client 2a02:4780:3f:2124:0:7e0:2a7b:1:64858] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weird.eco"] [uri "/backend/.env"] [unique_id "aiXEq508eVxJGVtvnn1CWgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
oh.mg
2026-06-07 16:43:38
(3 weeks ago)
[Sun Jun 07 18:43:38.002295 2026] [security2:error] [pid 1770918:tid 1770933] [client 2a02:4780:3f:2 ...
show more
[Sun Jun 07 18:43:38.002295 2026] [security2:error] [pid 1770918:tid 1770933] [client 2a02:4780:3f:2124:0:7e0:2a7b:1:64738] [client 2a02:4780:3f:2124:0:7e0:2a7b:1] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mrman.co.uk"] [uri "/backend/.env"] [unique_id "aiWfuvCt5x9SD2Pshfy2OAAAAE0"]
[Sun Jun 07 18:43:38.002299 2026] [security2:error] [pid 1770918:tid 1770942] [client 2a02:4780:3f:2124:0:7e0:2a7b:1:64688] [client 2a02:4780:3f:2124:0:7e0:2a7b:1] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Ano
...
show less
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-07 16:35:07
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:7e0:2a7b:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:35:00.634237 2026] [security2:error] [pid 29542:tid 29542] [client 2a02:4780:3f:2124:0:7e0:2a7b:1:50116] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "briancastle.com"] [uri "/.env"] [unique_id "aiWdtNN6YFtgfjQmQdZ-rwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack