Anonymous
2026-07-01 04:33:00
(5 days ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ฌ๐ง
gurnip
2026-06-07 14:06:56
(4 weeks ago)
Vulnerability probe of page /member/.env, not found on server.
Brute-Force
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-06-07 08:14:53
(4 weeks ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 05:22:39
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 01:22:32.502887 2026] [security2:error] [pid 26427:tid 26427] [client 2a02:4780:11:1850:0:115c:ce5f:1:27798] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shaunthomas.com"] [uri "/api/.env"] [unique_id "aiUAGALRvUPzJMojPOk9nQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-06-07 05:12:54
(4 weeks ago)
9 attacks on env grabbing URLs:
GET /core/.env HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-07 04:29:08
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 00:29:03.849764 2026] [security2:error] [pid 24054:tid 24054] [client 2a02:4780:11:1850:0:115c:ce5f:1:34448] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ladymcollection.com"] [uri "/admin/.env"] [unique_id "aiTzjz3EhSmygCEyOqQLXQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 04:13:59
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 00:13:52.173296 2026] [security2:error] [pid 21812:tid 21812] [client 2a02:4780:11:1850:0:115c:ce5f:1:19452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "healthpointphysicians.co"] [uri "/core/.env"] [unique_id "aiTwAB7z2s6EJWC_GAN2_AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-06-07 02:42:24
(4 weeks ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐ซ๐ท
dynamix
2026-06-07 02:25:17
(4 weeks ago)
Multiple WAF Violations
Web App Attack
๐ฉ๐ช
gadix
2026-06-07 02:23:35
(4 weeks ago)
[07/Jun/2026:04:23:34.584803 +0200] aiTWJiK_2ClsPsz7Cmu-zgAAAAE 2a02:4780:11:1850:0:115c:ce5f:1 3736 ...
show more
[07/Jun/2026:04:23:34.584803 +0200] aiTWJiK_2ClsPsz7Cmu-zgAAAAE 2a02:4780:11:1850:0:115c:ce5f:1 37364 127.0.0.1 7081
[07/Jun/2026:04:23:34.585663 +0200] aiTWJk-ZtnNH1ybWHsUKnQAAAAo 2a02:4780:11:1850:0:115c:ce5f:1 37372 127.0.0.1 7081
[07/Jun/2026:04:23:34.589330 +0200] aiTWJkSJlqJA9QmBzmOv4gAAAAY 2a02:4780:11:1850:0:115c:ce5f:1 37388 127.0.0.1 7081
...
show less
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-07 01:29:34
(4 weeks ago)
(y3) Failed access -byebye- from 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): (CF_ENABLE)
Hacking
๐บ๐ธ
interbiznw.com
2026-06-07 01:03:43
(4 weeks ago)
malicious-web-requests-vulnerability-scanning
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 00:14:32
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 20:14:26.023661 2026] [security2:error] [pid 5485:tid 5485] [client 2a02:4780:11:1850:0:115c:ce5f:1:54706] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keidar.com"] [uri "/dev/.env"] [unique_id "aiS34jqfM7CmplFV7SBSjQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 23:23:40
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 19:23:34.231774 2026] [security2:error] [pid 23890:tid 23890] [client 2a02:4780:11:1850:0:115c:ce5f:1:42910] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vanessalends.com"] [uri "/core/.env"] [unique_id "aiSr9klCwJASv11M4Rd7cQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 22:47:53
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:11:1850:0:115c:ce5f:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 18:47:46.571994 2026] [security2:error] [pid 10651:tid 10651] [client 2a02:4780:11:1850:0:115c:ce5f:1:37350] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "summitartists.com"] [uri "/dev/.env"] [unique_id "aiSjkrWEj7z0RVKq1pwhvwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack