๐บ๐ธ
TPI-Abuse
2026-07-08 00:59:51
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 20:59:44.983636 2026] [security2:error] [pid 22426:tid 22426] [client 2a02:4780:5e:2f9b::1:52440] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onward.ws"] [uri "/dev/.env"] [unique_id "ak2hAIbTnSLRB8dghtEtqAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 08:26:43
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 04:26:35.759516 2026] [security2:error] [pid 31477:tid 31499] [client 2a02:4780:5e:2f9b::1:42924] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opticaldesignconcepts.com"] [uri "/app/.env"] [unique_id "aky4O43IaD2SDSL9N5ezRgAAAFM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
lespbaj
2026-07-07 05:26:17
(1 day ago)
{"time":"2026-07-07T05:26:15+00:00","ip":"2a02:4780:5e:2f9b::1","method":"GET","uri":"/.env.save","u ...
show more
{"time":"2026-07-07T05:26:15+00:00","ip":"2a02:4780:5e:2f9b::1","method":"GET","uri":"/.env.save","ua":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36","referer":""}
...
show less
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-07 05:16:15
(1 day ago)
Multiple WAF Violations
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-07-07 04:36:36
(1 day ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-07 03:25:24
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 23:25:17.595273 2026] [security2:error] [pid 15507:tid 15507] [client 2a02:4780:5e:2f9b::1:58166] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "2massociatesllc.com"] [uri "/laravel/.env"] [unique_id "akxxneO7jJJZXLSOOe5HWgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 00:49:46
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 20:49:43.086298 2026] [security2:error] [pid 6273:tid 6273] [client 2a02:4780:5e:2f9b::1:51236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "21north.com"] [uri "/admin/.env"] [unique_id "akxNJzMLM4f_5ad0l4fd9gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-07-07 00:09:57
(1 day ago)
[redacted] 2a02:4780:5e:2f9b::1 - - [07/Jul/2026:01:09:55 +0100] "GET /admin/.env HTTP/1.1" 302 6753 ...
show more
[redacted] 2a02:4780:5e:2f9b::1 - - [07/Jul/2026:01:09:55 +0100] "GET /admin/.env HTTP/1.1" 302 6753 0/47578 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 2a02:4780:5e:2f9b::1 - - [07/Jul/2026:01:09:55 +0100] "GET / HTTP/1.1" 206 10496 0/54489 "https://[redacted]/admin/.env" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 23:24:34
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 19:24:29.826235 2026] [security2:error] [pid 9595:tid 9595] [client 2a02:4780:5e:2f9b::1:38952] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oowoah.com"] [uri "/members/.env"] [unique_id "akw5LW7lwrD1g1VhdZ3tYAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-07-06 18:38:10
(2 days ago)
(modsecurity) srv101 ModSecurity 2a02:4780:5e:2f9b::1 (MY/Malaysia/-): 10 in the last 3600 secs; Por ...
show more
(modsecurity) srv101 ModSecurity 2a02:4780:5e:2f9b::1 (MY/Malaysia/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-06 17:01:16
(2 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
4server
2026-07-06 11:22:44
(2 days ago)
[MonJul0613:22:38.1600702026][security2:error][pid4138688:tid4138771][client2a02:4780:5e:2f9b::1:0]M ...
show more
[MonJul0613:22:38.1600702026][security2:error][pid4138688:tid4138771][client2a02:4780:5e:2f9b::1:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"orabonastudio.it\"][uri\"/api/.env\"][unique_id\"akuP_rylPd9U7MnhFpk3AgAAAMQ\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-06 09:19:57
(2 days ago)
Try to access /.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 06:41:05
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 02:40:59.053504 2026] [security2:error] [pid 432:tid 432] [client 2a02:4780:5e:2f9b::1:37868] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pacepk.com"] [uri "/app/.env"] [unique_id "aktN-zuXjpdETaeEH8WqkwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 05:45:26
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:5e:2f9b::1 (srv1457569.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:45:15.600269 2026] [security2:error] [pid 18134:tid 18149] [client 2a02:4780:5e:2f9b::1:34726] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "104ventures.com"] [uri "/laravel/.env"] [unique_id "aktA695cYZoDcQLYiuR7VQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack