๐ฌ๐ง
openstrike.co.uk
2026-06-09 05:14:47
(3 weeks ago)
12 attacks on env grabbing URLs:
GET /api/.env.save HTTP/1.1
Hacking
๐ณ๐ฑ
homeshowdomain.nl
2026-06-08 21:59:50
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 11:40:59
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 07:40:51.471078 2026] [security2:error] [pid 32129:tid 32129] [client 2a02:4780:6:2087:0:39fa:6bbe:1:42410] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "schoolrx.org"] [uri "/laravel/.env"] [unique_id "aiaqQ4YPF6IfxrPvmfnsxQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-06-08 11:31:42
(3 weeks ago)
[redacted] 2a02:4780:6:2087:0:39fa:6bbe:1 - - [08/Jun/2026:12:31:40 +0100] "GET /dev/.env HTTP/1.1" ...
show more
[redacted] 2a02:4780:6:2087:0:39fa:6bbe:1 - - [08/Jun/2026:12:31:40 +0100] "GET /dev/.env HTTP/1.1" 302 1538 0/43610 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 2a02:4780:6:2087:0:39fa:6bbe:1 - - [08/Jun/2026:12:31:40 +0100] "GET /laravel/.env HTTP/1.1" 302 1538 0/60309 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
show less
Bad Web Bot
Web App Attack
Anonymous
2026-06-08 06:07:46
(3 weeks ago)
Probing\(5\) HTTP Ports
...
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 05:22:00
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:21:53.025002 2026] [security2:error] [pid 22091:tid 22091] [client 2a02:4780:6:2087:0:39fa:6bbe:1:56344] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "joesteiner.com"] [uri "/admin/.env"] [unique_id "aiZRcSHBBlHOFLw5sx8xxQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-06-08 05:13:40
(3 weeks ago)
12 attacks on env grabbing URLs:
GET /dev/.env HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 03:42:13
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 23:42:09.903220 2026] [security2:error] [pid 19537:tid 19537] [client 2a02:4780:6:2087:0:39fa:6bbe:1:34812] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jamesallenwalker.com"] [uri "/core/.env"] [unique_id "aiY6EQR9fQhwtRpv07gXMQAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 23:27:33
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:27:29.693493 2026] [security2:error] [pid 29482:tid 29482] [client 2a02:4780:6:2087:0:39fa:6bbe:1:40874] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "taylorandatlantic.net"] [uri "/core/.env.save"] [unique_id "aiX-YXyLfVENblyf6NkZDgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 22:33:44
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:33:41.433461 2026] [security2:error] [pid 6198:tid 6198] [client 2a02:4780:6:2087:0:39fa:6bbe:1:33980] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dildog.com"] [uri "/.env"] [unique_id "aiXxxRBYDqG2f8iyq5tDqAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 21:10:12
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:10:09.020034 2026] [security2:error] [pid 31859:tid 31866] [client 2a02:4780:6:2087:0:39fa:6bbe:1:48858] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "41bravo.com"] [uri "/.env.save"] [unique_id "aiXeMUUn0-DnPIX6WSwn6AAAAEU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 20:39:24
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:39:18.946870 2026] [security2:error] [pid 30584:tid 30584] [client 2a02:4780:6:2087:0:39fa:6bbe:1:20192] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humandesignanalysis.org"] [uri "/api/.env.save"] [unique_id "aiXW9hvSIRBDx6Ttk41qZwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 19:08:22
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 15:08:15.494219 2026] [security2:error] [pid 1336:tid 1336] [client 2a02:4780:6:2087:0:39fa:6bbe:1:49128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "agchurchkuwait.com"] [uri "/.env.save"] [unique_id "aiXBn-n_A_178FfMTaWrOAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 15:15:24
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 11:15:20.560415 2026] [security2:error] [pid 2650:tid 2650] [client 2a02:4780:6:2087:0:39fa:6bbe:1:49626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nypatriotcards.com"] [uri "/api/.env.save"] [unique_id "aiWLCEf9TsIbCfD4DZOikwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 14:46:22
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:2087:0:39fa:6bbe:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 10:46:18.003572 2026] [security2:error] [pid 11989:tid 11989] [client 2a02:4780:6:2087:0:39fa:6bbe:1:41496] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "13waggoners.com"] [uri "/.env"] [unique_id "aiWEOprO_G-l3rbfkigF-QAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack