๐บ๐ธ
TPI-Abuse
2026-06-30 23:05:57
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 19:05:52.418282 2026] [security2:error] [pid 4774:tid 4774] [client 2a09:bac5:9443:4e6::7d:4f:17082] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.paintriver.com"] [uri "/.env.development"] [unique_id "akRL0Mr1-gkeVGawxfgt1QAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 18:45:03
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 14:44:56.824337 2026] [security2:error] [pid 7319:tid 7319] [client 2a09:bac5:9443:4e6::7d:4f:25064] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.eiko-hamada.com"] [uri "/.env"] [unique_id "akQOqA1y0tdDp0Gezp7lFAAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 15:50:01
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 11:49:55.075378 2026] [security2:error] [pid 17029:tid 17029] [client 2a09:bac5:9443:4e6::7d:4f:23340] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.weismanovens.com"] [uri "/.env.production"] [unique_id "akPlo3KacORr1IHz91-XTgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 14:11:38
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 10:11:32.263024 2026] [security2:error] [pid 7983:tid 8002] [client 2a09:bac5:9443:4e6::7d:4f:53072] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "attorneylouisiana.com.aafm.us"] [uri "/.env"] [unique_id "akPOlAQVkmRb22n6tHObPAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
miriks
2026-06-30 08:12:16
(1 week ago)
Automated scan detected: GET /.env โ UA: Mozilla/5.0 (X11; Linux x86_64; rv:150.0) Gecko/20100101 Fi ...
show more
Automated scan detected: GET /.env โ UA: Mozilla/5.0 (X11; Linux x86_64; rv:150.0) Gecko/20100101 Firefox/150.0
show less
Port Scan
Web App Attack
๐ฉ๐ช
Gwyneth Llewelyn
2026-06-30 06:03:31
(1 week ago)
2026/06/30 07:03:29 [error] 1094874#1094874: *2210853 access forbidden by rule, client: 2a09:bac5:94 ...
show more
2026/06/30 07:03:29 [error] 1094874#1094874: *2210853 access forbidden by rule, client: 2a09:bac5:9443:4e6::7d:4f, server: centroestudostibetanos.org, request: "GET /.env HTTP/1.1", host: "nalanda.centroestudostibetanos.org", referrer: "http://nalanda.centroestudostibetanos.org/.env"
2a09:bac5:9443:4e6::7d:4f - - [30/Jun/2026:07:03:29 +0100] "GET /.env HTTP/1.1" 403 1057 "http://nalanda.centroestudostibetanos.org/.env" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36"
2026/06/30 07:03:29 [error] 1094874#1094874: *2210858 access forbidden by rule, client: 2a09:bac5:9443:4e6::7d:4f, server: centroestudostibetanos.org, request: "GET /api/.env HTTP/1.1", host: "nalanda.centroestudostibetanos.org", referrer: "http://nalanda.centroestudostibetanos.org/api/.env"
show less
Brute-Force
Web App Attack
Anonymous
2026-06-30 04:33:42
(1 week ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-30 04:20:56
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 00:20:48.874356 2026] [security2:error] [pid 19023:tid 19023] [client 2a09:bac5:9443:4e6::7d:4f:13640] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.stortfordmedical.com"] [uri "/.env"] [unique_id "akNEINgFEVRR19xCDGvIoQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-30 01:48:07
(1 week ago)
Multiple WAF Violations
Web App Attack
๐ซ๐ท
Baking333
2026-06-30 00:25:03
(1 week ago)
[redacted] 2a09:bac5:9443:4e6::7d:4f - - [30/Jun/2026:01:25:00 +0100] "GET /.env HTTP/1.1" 302 6773 ...
show more
[redacted] 2a09:bac5:9443:4e6::7d:4f - - [30/Jun/2026:01:25:00 +0100] "GET /.env HTTP/1.1" 302 6773 0/276230 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:150.0) Gecko/20100101 Firefox/150.0" [redacted] 2a09:bac5:9443:4e6::7d:4f - - [30/Jun/2026:01:25:01 +0100] "GET /backend/.aws/credentials HTTP/1.1" 302 1554 0/93293 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Mobile/15E148 Safari/604.1"
show less
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-29 22:03:23
(1 week ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-28.
show less
Web App Attack
SSH
Hacking
๐ณ๐ฑ
Mangelot Hosting
2026-06-29 18:57:01
(1 week ago)
(modsecurity) srv102 ModSecurity 2a09:bac5:9443:4e6::7d:4f (US/United States/-): 10 in the last 3600 ...
show more
(modsecurity) srv102 ModSecurity 2a09:bac5:9443:4e6::7d:4f (US/United States/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 18:19:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 14:19:03.793931 2026] [security2:error] [pid 22793:tid 22793] [client 2a09:bac5:9443:4e6::7d:4f:51692] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.stieber.net"] [uri "/.env"] [unique_id "akK3Fy_Db0TSDZgsJ4k3LgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 16:58:56
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 12:58:49.556356 2026] [security2:error] [pid 26094:tid 26094] [client 2a09:bac5:9443:4e6::7d:4f:35730] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "horneman.org"] [uri "/.env"] [unique_id "akKkSanZfF-9LK4aDTVNLgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 16:27:31
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9443:4e6::7d:4f (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 12:27:23.993439 2026] [security2:error] [pid 2910:tid 2910] [client 2a09:bac5:9443:4e6::7d:4f:63678] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "localonlinevisibility.com.needtoorder.us"] [uri "/.env"] [unique_id "akKc64O_5AzSfNaOI0eqMQAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack