π³π±
homeshowdomain.nl
2026-06-16 22:01:37
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-15.
show less
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-06-15 07:02:31
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 35.200.25.243 (243.25.200.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.25.243 (243.25.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:02:26.679258 2026] [security2:error] [pid 27479:tid 27479] [client 35.200.25.243:60170] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gibraltar-boat-registration.com.boatregistrationdelaware.com"] [uri "/.env.template"] [unique_id "ai-jghBmySO41MO443UySwAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-06-15 06:05:26
(2 days ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
π³π±
ConsulHosting
2026-06-15 05:22:46
(2 days ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
π·π΄
iulianh
2026-06-15 03:50:00
(2 days ago)
*
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-06-15 03:24:36
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 35.200.25.243 (243.25.200.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.25.243 (243.25.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 23:24:29.031570 2026] [security2:error] [pid 30167:tid 30167] [client 35.200.25.243:32860] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.zheundu.com.greighhouse.com"] [uri "/app/backend/.env"] [unique_id "ai9wbU3eC08ybS11e6zaWgAAAC8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Savvii
2026-06-15 01:04:16
(3 days ago)
20 attempts against mh-misbehave-ban on ec102967
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
Vianpyro
2026-06-15 00:27:20
(3 days ago)
Honeypot: 330 request(s) in 0 min. Paths: /.env.backup, /.env.production, /.env, /.env.save, /.env.p ...
show more
Honeypot: 330 request(s) in 0 min. Paths: /.env.backup, /.env.production, /.env, /.env.save, /.env.prod.bak. Method(s): GET. UA: w3m/0.5.1. ASN: 396982 (Google LLC).
show less
Web App Attack
Bad Web Bot
Hacking
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-15 00:03:30
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 35.200.25.243 (243.25.200.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.25.243 (243.25.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:03:26.255863 2026] [security2:error] [pid 23612:tid 23612] [client 35.200.25.243:42092] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cuisine.gevieworld.com"] [uri "/.env"] [unique_id "ai9BTs6jbHf-8CjhbFUspgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Cloud86 B.V.
2026-06-14 23:39:05
(3 days ago)
categories: DDoS Attack
DDoS Attack
πΊπΈ
TPI-Abuse
2026-06-14 23:23:49
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 35.200.25.243 (243.25.200.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.25.243 (243.25.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:23:45.295174 2026] [security2:error] [pid 32228:tid 32228] [client 35.200.25.243:59898] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "valuerec.com"] [uri "/.env.docker"] [unique_id "ai84AeCk8mxshhDZtd99MwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
enjoyably
2026-06-14 14:08:17
(3 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
π³π±
sernate
2026-06-14 07:20:14
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 35.200.25.243 (JP/Japan/243.25.200.35.bc.google ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.25.243 (JP/Japan/243.25.200.35.bc.googleusercontent.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC
show less
Brute-Force
πΊπΈ
mnsf
2026-06-14 07:06:44
(3 days ago)
Scanning/Probing (112)
Request Overload (117)
Brute-Force
Web App Attack
π·πΊ
DZBOT
2026-06-14 07:00:44
(3 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack