๐ณ๐ฑ
homeshowdomain.nl
2026-02-21 22:59:08
(4 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-02-20.
show less
Web App Attack
SSH
Hacking
๐ซ๐ท
SpaceHost-Server
2026-02-20 23:38:19
(4 months ago)
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-02-20 18:35:48
(4 months ago)
492 requests with url.path *.env
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-02-20 17:24:43
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 12:24:37.916849 2026] [security2:error] [pid 11143:tid 11143] [client 2a02:c207:2298:7800::1:60778] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "limpiezadevidriosyoficinas.com"] [uri "/.env"] [unique_id "aZiY1eKm5NBH3-PcKWUyvgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 15:47:58
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 10:47:51.875823 2026] [security2:error] [pid 19168:tid 19168] [client 2a02:c207:2298:7800::1:60116] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jfordclanrecipes.com"] [uri "/.env"] [unique_id "aZiCJw-pXmlTM49t5HRorwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 15:23:42
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 10:23:37.976353 2026] [security2:error] [pid 17050:tid 17050] [client 2a02:c207:2298:7800::1:58866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "firstunitedreserve.com"] [uri "/.env"] [unique_id "aZh8eZTFo6G4_a6u-U61jAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
venus.launch.bz
2026-02-20 14:54:41
(4 months ago)
(gohttpua) Bad UA Go-http-client from 2a02:c207:2298:7800::1 (vmi2987800.contaboserver.net)
Hacking
๐บ๐ธ
TPI-Abuse
2026-02-20 14:30:41
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 09:30:37.042015 2026] [security2:error] [pid 27654:tid 27654] [client 2a02:c207:2298:7800::1:53574] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kochcreative.com"] [uri "/config/.env"] [unique_id "aZhwDdQj21Hq_qf87H_NVwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
macrob
2026-02-20 10:58:39
(4 months ago)
2026/02/20 10:58:38 [error] 1412410#1412410: *23962871 access forbidden by rule, client: 2a02:c207:2 ...
show more
2026/02/20 10:58:38 [error] 1412410#1412410: *23962871 access forbidden by rule, client: 2a02:c207:2298:7800::1, server: finami.mx, request: "GET /.env HTTP/2.0", host: "finami.mx", referrer: "http://finami.mx/.env"
2026/02/20 10:58:38 [error] 1412413#1412413: *23964091 access forbidden by rule, client: 2a02:c207:2298:7800::1, server: finami.mx, request: "GET /.env HTTP/2.0", host: "finami.mx"
2026/02/20 10:58:38 [error] 1412413#1412413: *23964092 access forbidden by rule, client: 2a02:c207:2298:7800::1, server: finami.mx, request: "GET /config/.env HTTP/2.0", host: "finami.mx", referrer: "http://finami.mx/config/.env"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 10:25:08
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 05:25:04.205683 2026] [security2:error] [pid 1905:tid 1905] [client 2a02:c207:2298:7800::1:36616] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ruralroutes.ca"] [uri "/.env"] [unique_id "aZg2gLXi9cBdeR-1PK2veQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 09:17:15
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 04:17:11.573781 2026] [security2:error] [pid 4763:tid 4763] [client 2a02:c207:2298:7800::1:37796] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jomorise.com"] [uri "/api2/.env"] [unique_id "aZgml2OKYApqRjYqi4hOIgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 09:00:01
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 03:59:53.608062 2026] [security2:error] [pid 24248:tid 24248] [client 2a02:c207:2298:7800::1:42444] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zoesaadeh.com"] [uri "/.env"] [unique_id "aZgiibawxcWmLsgNKls-FQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-02-20 08:13:20
(4 months ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 07:53:43
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 02:53:35.929818 2026] [security2:error] [pid 31038:tid 31038] [client 2a02:c207:2298:7800::1:57664] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "csiwebdesigns.com"] [uri "/api2/.env"] [unique_id "aZgS_2gtzUkn6qV9eXmWjQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 07:11:24
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserve ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2298:7800::1 (vmi2987800.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 02:11:19.446886 2026] [security2:error] [pid 793:tid 793] [client 2a02:c207:2298:7800::1:44934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "borzoi-pedigree.info"] [uri "/api2/.env"] [unique_id "aZgJF5iqXFP1q7-weEGLowAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack