π©πͺ
Ba-Yu
2026-06-08 11:17:22
(3 weeks ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 11:09:12
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 07:09:04.831364 2026] [security2:error] [pid 28133:tid 28133] [client 2a02:4780:3f:2179:0:1fd4:74a3:1:28036] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mountainararattrek.com"] [uri "/dev/.env"] [unique_id "aiai0KtGa5TuxWSEdN72TQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§π·
Halux
2026-06-08 09:29:27
(3 weeks ago)
2a02:4780:3f:2179:0:1fd4:74a3:1 Web Application Firewall multiple violations
Hacking
Web App Attack
π³π±
BlueWire Hosting
2026-06-08 07:22:43
(3 weeks ago)
Probing websites for vulnerabilities
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 04:34:25
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:34:19.896564 2026] [security2:error] [pid 7392:tid 7392] [client 2a02:4780:3f:2179:0:1fd4:74a3:1:18404] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yourmenu.xyz"] [uri "/api/.env"] [unique_id "aiZGS79CLtQ6ZrGBdxq8pwAAAD4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 02:31:05
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:31:01.930758 2026] [security2:error] [pid 3177:tid 3177] [client 2a02:4780:3f:2179:0:1fd4:74a3:1:26324] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stapleton.productions"] [uri "/dev/.env"] [unique_id "aiYpZbC4g5Ahwh67ZCUkjwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
ecs.ge
2026-06-08 01:42:14
(3 weeks ago)
Automatic Fail2Ban report from jail plesk-nginx-probes: multiple matching events detected.
Port Scan
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 00:16:17
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 20:16:13.734668 2026] [security2:error] [pid 21583:tid 21583] [client 2a02:4780:3f:2179:0:1fd4:74a3:1:44160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grandersonheatingandcooling.com"] [uri "/api/.env"] [unique_id "aiYJzXqK9CFDQ1IXqQbRHgAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
big-cloud.nl
2026-06-07 22:47:05
(3 weeks ago)
Try to access /app/.env
Web App Attack
π³π±
homeshowdomain.nl
2026-06-07 22:07:40
(4 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-06.
show less
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-06-07 20:00:59
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:00:54.474455 2026] [security2:error] [pid 25615:tid 25615] [client 2a02:4780:3f:2179:0:1fd4:74a3:1:34054] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gisresults.com"] [uri "/member/.env"] [unique_id "aiXN9rmumI-Bq458EfLkIAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-07 18:28:54
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 14:28:50.682249 2026] [security2:error] [pid 2278:tid 2280] [client 2a02:4780:3f:2179:0:1fd4:74a3:1:56796] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "luxury.management"] [uri "/backend/.env"] [unique_id "aiW4YgV_Wso3Iyn09BhcqgAAAQA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-07 17:53:17
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 13:53:11.832987 2026] [security2:error] [pid 1330:tid 1330] [client 2a02:4780:3f:2179:0:1fd4:74a3:1:17020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "premiumstuffonline.com"] [uri "/.env"] [unique_id "aiWwB8M3McUd_Hq1QEz0BQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-06-07 16:38:58
(4 weeks ago)
Multiple WAF Violations
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-07 13:31:56
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:3f:2179:0:1fd4:74a3:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 09:31:49.524799 2026] [security2:error] [pid 10575:tid 10575] [client 2a02:4780:3f:2179:0:1fd4:74a3:1:44154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "health-gateways.com"] [uri "/api/.env"] [unique_id "aiVyxfAOzlCv7NbRz-2XPAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack