πΊπΈ
WellSpring
2026-07-02 01:19:37
(1 minute ago)
env leak on 530.today/node_modules/.env β WellSpr.ing/NetSentinel civic-AI security layer
Web App Attack
π«π·
LRob.fr
2026-07-02 01:00:14
(21 minutes ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 00:45:20
(36 minutes ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 20:45:14.878665 2026] [security2:error] [pid 8359:tid 8359] [client 2a04:c300:400::132:62784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.computerizer.org"] [uri "/.env"] [unique_id "akW0mhfKc6Dd_0QGYyq0tgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
wsyq
2026-07-02 00:43:58
(37 minutes ago)
Fail2Ban - \[NGINX\]40x-Forcing to access a restricted resource
...
Bad Web Bot
Web App Attack
π©πͺ
updown.io
2026-07-02 00:34:42
(46 minutes ago)
{"level":"info","ts":1782952480.2867482,"logger":"http.log.access.log1","msg":"handled request","req ...
show more
{"level":"info","ts":1782952480.2867482,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"2a04:c300:400::132","remote_port":"33176","client_ip":"2a04:c300:400::132","proto":"HTTP/1.1","method":"GET","host":"status.skik.net","uri":"/","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36"],"Accept":["*/*"],"Accept-Encoding":["gzip"]}},"bytes_read":0,"user_id":"","duration":0.000113556,"size":0,"status":308,"resp_headers":{"Content-Type":[],"Server":["Caddy"],"Connection":["close"],"Location":["https://status.skik.net/"]}}
{"level":"info","ts":1782952481.224528,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"2a04:c300:400::132","remote_port":"34144","client_ip":"2a04:c300:400::132","proto":"HTTP/1.1","method":"GET","host":"status.skik.net","uri":"/app/.env","headers":{"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"],
...
show less
DDoS Attack
Web App Attack
π³π±
Site.eu
2026-07-02 00:32:43
(48 minutes ago)
Excessive multi-domain requests
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-01 23:56:52
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 19:56:45.819083 2026] [security2:error] [pid 23453:tid 23453] [client 2a04:c300:400::132:25738] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teakprop.com"] [uri "/.env"] [unique_id "akWpPW_ZtJzQ03b4NJxMFQAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 23:34:12
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 19:34:04.146716 2026] [security2:error] [pid 4913:tid 4913] [client 2a04:c300:400::132:3016] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.fatcavemedia.com"] [uri "/.env"] [unique_id "akWj7OctPPaNPZs7MekZpAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 22:52:09
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 18:52:05.375044 2026] [security2:error] [pid 27115:tid 27115] [client 2a04:c300:400::132:53352] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.abeandmason.com"] [uri "/.env"] [unique_id "akWaFa3Z-z8CJnfpWCWQmAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
itsolon
2026-07-01 22:33:17
(2 hours ago)
[02/Jul/2026:00:33:16 +0200] 178294519642.423895 2a04:c300:400::132 0 217.154.7.177 443
[02/Jul/2026 ...
show more
[02/Jul/2026:00:33:16 +0200] 178294519642.423895 2a04:c300:400::132 0 217.154.7.177 443
[02/Jul/2026:00:33:16 +0200] 178294519649.826661 2a04:c300:400::132 0 217.154.7.177 443
[02/Jul/2026:00:33:16 +0200] 178294519656.558922 2a04:c300:400::132 0 217.154.7.177 443
[02/Jul/2026:00:33:16 +0200] 178294519699.620597 2a04:c300:400::132 0 217.154.7.177 443
[02/Jul/2026:00:33:16 +0200] 178294519685.543244 2a04:c300:400::132 0 217.154.7.177 443
...
show less
Port Scan
Hacking
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 22:11:22
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 18:11:15.130309 2026] [security2:error] [pid 2745:tid 2782] [client 2a04:c300:400::132:46144] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ecocentri.city"] [uri "/backend/.env"] [unique_id "akWQg42rVInoJivhsoxeYgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
BlueWire Hosting
2026-07-01 21:59:34
(3 hours ago)
Probing websites for vulnerabilities
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 21:47:17
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:47:14.564911 2026] [security2:error] [pid 24306:tid 24306] [client 2a04:c300:400::132:38558] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.compassionfatigue.org"] [uri "/.env.local"] [unique_id "akWK4stMbB4UezaTnWelOQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
big-cloud.nl
2026-07-01 21:17:28
(4 hours ago)
Try to access /haardhout-oosterwolde//.env
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 21:14:48
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:c300:400::132 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:14:40.764623 2026] [security2:error] [pid 24098:tid 24098] [client 2a04:c300:400::132:2124] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.termstech.com"] [uri "/.env"] [unique_id "akWDQDoIlGKBYtVGsljfsgAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack