๐ณ๐ฑ
homeshowdomain.nl
2026-06-08 22:00:14
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
oralunal
2026-06-08 12:06:58
(3 weeks ago)
IP banned by Fail2Ban in jail oral-suss access.log mvfnds
...
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 10:41:50
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:41:46.279037 2026] [security2:error] [pid 7404:tid 7404] [client 2a02:4780:6:2080:0:229b:8fcb:1:58228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nhgrange.org"] [uri "/app/.env"] [unique_id "aiacanfBI1LTg-6XI3nikAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-06-08 09:15:03
(3 weeks ago)
[MonJun0811:14:56.9967942026][security2:error][pid997374:tid997526][client2a02:4780:6:2080:0:229b:8f ...
show more
[MonJun0811:14:56.9967942026][security2:error][pid997374:tid997526][client2a02:4780:6:2080:0:229b:8fcb:1:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"gmint.ch\"][uri\"/core/.env\"][unique_id\"aiaIEL33l7mVsQpG6tCeugAAARE\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ซ๐ท
Baking333
2026-06-08 05:35:45
(3 weeks ago)
[redacted] 2a02:4780:6:2080:0:229b:8fcb:1 - - [08/Jun/2026:06:35:43 +0100] "GET /laravel/.env HTTP/2 ...
show more
[redacted] 2a02:4780:6:2080:0:229b:8fcb:1 - - [08/Jun/2026:06:35:43 +0100] "GET /laravel/.env HTTP/2.0" 301 299 "https://[redacted]/laravel/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 2a02:4780:6:2080:0:229b:8fcb:1 - - [08/Jun/2026:06:35:43 +0100] "GET /backend/.env HTTP/2.0" 301 299 "https://[redacted]/backend/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-06-08 05:13:45
(3 weeks ago)
9 attacks on env grabbing URLs:
GET /app/.env HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 02:43:29
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:43:25.620024 2026] [security2:error] [pid 1511:tid 1522] [client 2a02:4780:6:2080:0:229b:8fcb:1:46456] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lzmarketingsolutions.com"] [uri "/admin/.env"] [unique_id "aiYsTVp97rLagLLuNf0mbgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 01:21:39
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:21:32.099502 2026] [security2:error] [pid 25023:tid 25023] [client 2a02:4780:6:2080:0:229b:8fcb:1:31454] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jean-louisdarville.com"] [uri "/core/.env"] [unique_id "aiYZHJibECpyzQWh-7F_rwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 23:31:56
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:31:51.674535 2026] [security2:error] [pid 13429:tid 13429] [client 2a02:4780:6:2080:0:229b:8fcb:1:53350] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fixmyland.com"] [uri "/backend/.env"] [unique_id "aiX_Z7wMscy0OS7JeV4izQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-06-07 22:17:09
(4 weeks ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 20:57:54
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:57:49.156870 2026] [security2:error] [pid 1562:tid 1678] [client 2a02:4780:6:2080:0:229b:8fcb:1:60050] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jomega.org"] [uri "/backend/.env"] [unique_id "aiXbTYKgd8UONuVsPyTFgwAAAhg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 18:42:05
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 14:42:01.393084 2026] [security2:error] [pid 31307:tid 31307] [client 2a02:4780:6:2080:0:229b:8fcb:1:54762] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emmlogistics.com"] [uri "/member/.env"] [unique_id "aiW7eYPAAejOdVpo-JWMnAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 17:21:01
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 13:20:56.112031 2026] [security2:error] [pid 19019:tid 19019] [client 2a02:4780:6:2080:0:229b:8fcb:1:27038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iplantotravel.com"] [uri "/.env"] [unique_id "aiWoeL68ULGGS82wLRK9tgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 16:59:51
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:59:43.649235 2026] [security2:error] [pid 30925:tid 30925] [client 2a02:4780:6:2080:0:229b:8fcb:1:35428] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "desoucey.com"] [uri "/member/.env"] [unique_id "aiWjf--p4_Pjjeo1g_6UJgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 16:32:44
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2080:0:229b:8fcb:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:32:38.007719 2026] [security2:error] [pid 23487:tid 23487] [client 2a02:4780:6:2080:0:229b:8fcb:1:62040] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jackkerrart.com"] [uri "/app/.env"] [unique_id "aiWdJgtro5yfTV3MlzW4sAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack