๐ณ๐ฑ
homeshowdomain.nl
2026-06-08 21:59:59
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 10:08:42
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:08:34.952608 2026] [security2:error] [pid 1784:tid 1784] [client 2a02:4780:6:2087:0:1f41:bc39:1:49542] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jrpiano.com"] [uri "/members/.env"] [unique_id "aiaUoqqAC5g38wZHqx1e_gAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-08 03:47:41
(3 weeks ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 02:02:11
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:02:06.329155 2026] [security2:error] [pid 26659:tid 26659] [client 2a02:4780:6:2087:0:1f41:bc39:1:63920] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "willymoc.com"] [uri "/dev/.env"] [unique_id "aiYint8k8uXQ-MJmiK2D4QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-06-08 01:35:32
(3 weeks ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 00:17:16
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 20:17:10.333701 2026] [security2:error] [pid 31142:tid 31142] [client 2a02:4780:6:2087:0:1f41:bc39:1:57582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dougscomputers.com"] [uri "/core/.env"] [unique_id "aiYKBmqmrlPZDd-mfKjzkwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 22:04:38
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:04:30.690374 2026] [security2:error] [pid 11993:tid 11993] [client 2a02:4780:6:2087:0:1f41:bc39:1:25234] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ardeeapps.com"] [uri "/.env.save"] [unique_id "aiXq7j6LJUFUhC68JeZ6LgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 19:52:24
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 15:52:20.454034 2026] [security2:error] [pid 17582:tid 17582] [client 2a02:4780:6:2087:0:1f41:bc39:1:20738] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "taskmasterstech.com"] [uri "/core/.env.save"] [unique_id "aiXL9NpaA04jKyTb69FwWwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 19:16:01
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 15:15:56.375677 2026] [security2:error] [pid 23337:tid 23342] [client 2a02:4780:6:2087:0:1f41:bc39:1:23880] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dasperformance.com"] [uri "/laravel/.env"] [unique_id "aiXDbFHaGUORF63vOXN99gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 17:14:14
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 13:14:01.179404 2026] [security2:error] [pid 16586:tid 16586] [client 2a02:4780:6:2087:0:1f41:bc39:1:41858] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lionheartpublications.com"] [uri "/laravel/.env"] [unique_id "aiWm2WWbLTZs00IX5SWhxgAAAC8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-07 17:09:51
(3 weeks ago)
2a02:4780:6:2087:0:1f41:bc39:1 - - [07/Jun/2026:17:09:50 +0000] "GET /.env HTTP/1.1" 404 6134 "-" "M ...
show more
2a02:4780:6:2087:0:1f41:bc39:1 - - [07/Jun/2026:17:09:50 +0000] "GET /.env HTTP/1.1" 404 6134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
SLSLLC
2026-06-07 16:28:41
(3 weeks ago)
2a02:4780:6:2087:0:1f41:bc39:1 - - [07/Jun/2026:16:28:40 +0000] "GET /admin/.env HTTP/2.0" 403 1927 ...
show more
2a02:4780:6:2087:0:1f41:bc39:1 - - [07/Jun/2026:16:28:40 +0000] "GET /admin/.env HTTP/2.0" 403 1927 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 15:30:09
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 11:30:02.300708 2026] [security2:error] [pid 31837:tid 31926] [client 2a02:4780:6:2087:0:1f41:bc39:1:16632] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcprocapital.com"] [uri "/.env"] [unique_id "aiWOehe_L1jUi0hwGEQ7SQAAAVI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-06-07 14:36:42
(3 weeks ago)
(modsecurity) srv103 ModSecurity 2a02:4780:6:2087:0:1f41:bc39:1 (ID/Indonesia/-): 10 in the last 360 ...
show more
(modsecurity) srv103 ModSecurity 2a02:4780:6:2087:0:1f41:bc39:1 (ID/Indonesia/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 13:52:12
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:1f41:bc39:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 09:52:07.443688 2026] [security2:error] [pid 17335:tid 17335] [client 2a02:4780:6:2087:0:1f41:bc39:1:21066] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lindafoley.com"] [uri "/.env.save"] [unique_id "aiV3hwVSxp7iLu40uJNcwgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack