πΊπΈ
TPI-Abuse
2026-06-28 17:28:21
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 173.254.210.75 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 173.254.210.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 13:28:13.745968 2026] [security2:error] [pid 7428:tid 7428] [client 173.254.210.75:46448] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bergopro.co.uk.easternimport.com"] [uri "/.env"] [unique_id "akFZrbZ8s2fNLZgIaq7QbwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 07:26:53
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 173.254.210.75 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 173.254.210.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 03:26:46.793464 2026] [security2:error] [pid 1445:tid 1445] [client 173.254.210.75:40412] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.yun-san.com"] [uri "/.env.local"] [unique_id "akDMthIdBLkvlQtBVVnLFgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-06-27 10:05:18
(1 day ago)
Abuse Detected (1)
Brute-Force
Web App Attack
π³π±
homeshowdomain.nl
2026-06-26 22:03:12
(2 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking
π§π·
Francisco Carlos
2026-06-26 18:41:42
(2 days ago)
Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: env-leak. Sample: GET /.en ...
show more
Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: env-leak. Sample: GET /.env.prod
show less
Bad Web Bot
Web App Attack
πΊπΈ
Rip
2026-06-26 10:23:26
(2 days ago)
Restricted File Access Attempts
Port Scan
Web App Attack
π©πͺ
FeG Deutschland
2026-06-25 23:33:44
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
π³π±
homeshowdomain.nl
2026-06-25 22:02:50
(3 days ago)
Auto-ban: >3000 req/min op 2026-06-25
Web App Attack
SSH
Hacking
πΊπΈ
mnsf
2026-06-25 21:30:26
(3 days ago)
Abuse Detected (1)
Brute-Force
Web App Attack
π³π΄
Bots.go.to.hell
2026-06-25 21:07:15
(3 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/vpatch-env-access
Web App Attack
Hacking
Anonymous
2026-06-25 16:15:02
(3 days ago)
suspicious request in access.log
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-25 16:11:14
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 173.254.210.75 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 173.254.210.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 12:11:01.198426 2026] [security2:error] [pid 30289:tid 30298] [client 173.254.210.75:53670] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.oswgr.wwwhst.com"] [uri "/.env.production"] [unique_id "aj1TFb7KY_21dD8Ec6ZPXwAAAQQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-25 15:46:05
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 173.254.210.75 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 173.254.210.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:45:56.775770 2026] [security2:error] [pid 27687:tid 27687] [client 173.254.210.75:58828] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gcmmortgage.com"] [uri "/.env.local"] [unique_id "aj1NNDgfPv5ziokw8AXQNAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
i-turnradio.nl
2026-06-25 15:05:22
(3 days ago)
2026-06-25 @ 17:05:22 (CET) ~ Blocked for trying to access: /.env.production
Web App Attack