๐จ๐ญ
4server
2026-06-08 13:43:46
(3 weeks ago)
[MonJun0815:43:41.5222112026][security2:error][pid288836:tid289058][client2a02:4780:3f:2124:0:9e9:43 ...
show more
[MonJun0815:43:41.5222112026][security2:error][pid288836:tid289058][client2a02:4780:3f:2124:0:9e9:43ef:1:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"leonitraslochi.ch\"][uri\"/core/.env\"][unique_id\"aibHDYm27jmo0QXTTpdXxgAAAMc\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 13:24:59
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 09:24:55.825936 2026] [security2:error] [pid 2051:tid 2051] [client 2a02:4780:3f:2124:0:9e9:43ef:1:23890] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robotrodeo.net"] [uri "/laravel/.env"] [unique_id "aibCp1cuOP_jkKjiCEpEqQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
dtorrer
2026-06-08 13:06:47
(3 weeks ago)
General vulnerability scan.
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-08 12:28:19
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:28:16.104941 2026] [security2:error] [pid 13537:tid 13537] [client 2a02:4780:3f:2124:0:9e9:43ef:1:58722] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bees.properties"] [uri "/member/.env"] [unique_id "aia1YLPoQ2rEr7bQYtfUdAAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-06-08 11:15:03
(3 weeks ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-08 07:39:08
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:39:00.528154 2026] [security2:error] [pid 5276:tid 5276] [client 2a02:4780:3f:2124:0:9e9:43ef:1:46104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caralis.com"] [uri "/member/.env"] [unique_id "aiZxlHwCUQSsy-1SEEfSQQAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 06:20:50
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:20:43.507369 2026] [security2:error] [pid 655:tid 655] [client 2a02:4780:3f:2124:0:9e9:43ef:1:22566] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "montebiancoltd.com"] [uri "/.env"] [unique_id "aiZfO_NlV9IZS5cs1V9v-gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-06-08 05:13:00
(3 weeks ago)
9 attacks on env grabbing URLs:
GET /dev/.env HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 04:49:34
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:49:31.823220 2026] [security2:error] [pid 17555:tid 17555] [client 2a02:4780:3f:2124:0:9e9:43ef:1:58062] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jaojoco.com"] [uri "/backend/.env"] [unique_id "aiZJ26UF2k5I_6AjNOsd9QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 04:06:04
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:05:57.218729 2026] [security2:error] [pid 29108:tid 29108] [client 2a02:4780:3f:2124:0:9e9:43ef:1:33226] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sdwsk8.com"] [uri "/api/.env"] [unique_id "aiY_pSVsr61mI7qXpAtz0wAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐น
Renรฉ Hickersberger
2026-06-08 01:57:09
(3 weeks ago)
[2026-06-08T01:57:08Z] Malicious request to /admin/.env
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 01:42:11
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:42:06.411683 2026] [security2:error] [pid 12091:tid 12091] [client 2a02:4780:3f:2124:0:9e9:43ef:1:60164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "angelaridgwaydressage.com"] [uri "/dev/.env"] [unique_id "aiYd7vcskelWStnxZo7F4wAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-07 22:07:25
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-06.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-07 21:02:45
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2124:0:9e9:43ef:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:02:38.985966 2026] [security2:error] [pid 6709:tid 6709] [client 2a02:4780:3f:2124:0:9e9:43ef:1:20088] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "i-spose.com"] [uri "/dev/.env"] [unique_id "aiXcbo0gp9lTLkasWqweCQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-06-07 20:31:56
(3 weeks ago)
[redacted] 2a02:4780:3f:2124:0:9e9:43ef:1 - - [07/Jun/2026:21:31:54 +0100] "GET /member/.env HTTP/1. ...
show more
[redacted] 2a02:4780:3f:2124:0:9e9:43ef:1 - - [07/Jun/2026:21:31:54 +0100] "GET /member/.env HTTP/1.1" 302 5283 0/67047 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 2a02:4780:3f:2124:0:9e9:43ef:1 - - [07/Jun/2026:21:31:54 +0100] "GET /.env HTTP/1.1" 302 5283 0/76244 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 2a02:4780:3f:2124:0:9e9:43ef:1 - - [07/Jun/2026:21:31:54 +0100] "GET /dev/.env HTTP/1.1" 302 5283 0/63372 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
show less
Bad Web Bot
Web App Attack