๐ซ๐ท
SpaceHost-Server
2026-06-08 22:28:56
(3 weeks ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 11:00:30
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 07:00:26.760511 2026] [security2:error] [pid 5792:tid 5792] [client 2a02:4780:6:1732:0:171f:c09e:1:32002] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aroilcontrolsystem.com"] [uri "/app/.env"] [unique_id "aiagyjd4puWFWvLg2ZNU0AAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
macrob
2026-06-08 09:06:15
(3 weeks ago)
2026/06/08 09:06:13 [error] 1452896#1452896: *289331515 access forbidden by rule, client: 2a02:4780: ...
show more
2026/06/08 09:06:13 [error] 1452896#1452896: *289331515 access forbidden by rule, client: 2a02:4780:6:1732:0:171f:c09e:1, server: bin-spin.com, request: "GET /admin/.env HTTP/1.1", host: "bin-spin.com"
2026/06/08 09:06:13 [error] 1452896#1452896: *289331516 access forbidden by rule, client: 2a02:4780:6:1732:0:171f:c09e:1, server: bin-spin.com, request: "GET /laravel/.env HTTP/1.1", host: "bin-spin.com"
2026/06/08 09:06:13 [error] 1452896#1452896: *289331517 access forbidden by rule, client: 2a02:4780:6:1732:0:171f:c09e:1, server: bin-spin.com, request: "GET /member/.env HTTP/1.1", host: "bin-spin.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 08:23:49
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:23:45.776425 2026] [security2:error] [pid 8940:tid 8940] [client 2a02:4780:6:1732:0:171f:c09e:1:25988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "graydortmotors.com"] [uri "/app/.env"] [unique_id "aiZ8EQXYX8TnW_1UySZvEgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
0x44
2026-06-08 08:02:10
(3 weeks ago)
Abusive host detected - Attempt to access sensitive files
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 07:38:29
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:38:22.087816 2026] [security2:error] [pid 29975:tid 29975] [client 2a02:4780:6:1732:0:171f:c09e:1:22636] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rogerg.com"] [uri "/api/.env"] [unique_id "aiZxbiccHSZekqUxTe4t8QAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
pltcldvlpr
2026-06-08 06:26:52
(3 weeks ago)
CMS/framework probe: 2a02:4780:6:1732:0:171f:c09e:1 - - [08/Jun/2026:08:26:52 +0200] "GET /.env HTTP ...
show more
CMS/framework probe: 2a02:4780:6:1732:0:171f:c09e:1 - - [08/Jun/2026:08:26:52 +0200] "GET /.env HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" asn=47583 org="Hostinger International Limited" country=ID
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 23:40:52
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:40:45.373229 2026] [security2:error] [pid 11876:tid 11876] [client 2a02:4780:6:1732:0:171f:c09e:1:57746] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coloradohifi.com"] [uri "/backend/.env"] [unique_id "aiYBfWWJHLHu3Jx9KIFdGAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 22:14:23
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:14:17.119630 2026] [security2:error] [pid 13656:tid 13662] [client 2a02:4780:6:1732:0:171f:c09e:1:20944] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ingeconsultcr.com"] [uri "/laravel/.env"] [unique_id "aiXtOV-zRjYD013NV9PnggAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-07 22:06:52
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-06.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-07 21:02:15
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:02:11.672771 2026] [security2:error] [pid 1562:tid 1674] [client 2a02:4780:6:1732:0:171f:c09e:1:41718] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daydreambeliever.us"] [uri "/dev/.env"] [unique_id "aiXcU4Kgd8UONuVsPyTFuQAAAhQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 17:14:51
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 13:14:45.375113 2026] [security2:error] [pid 16182:tid 16182] [client 2a02:4780:6:1732:0:171f:c09e:1:55464] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "belgiophar.info"] [uri "/backend/.env"] [unique_id "aiWnBRUqrzpmzhRNi2_vdwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Melle
2026-06-07 16:24:52
(3 weeks ago)
Blocked by CrowdSec | Scenario: crowdsecurity/http-sensitive-files | 2a02:4780:6:1732:0:171f:c09e:1 ...
show more
Blocked by CrowdSec | Scenario: crowdsecurity/http-sensitive-files | 2a02:4780:6:1732:0:171f:c09e:1 triggered 5 events | Detected: 2026-06-07T16:24:51.875815189Z
show less
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-07 15:48:00
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 11:47:53.503955 2026] [security2:error] [pid 15861:tid 15861] [client 2a02:4780:6:1732:0:171f:c09e:1:43376] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dcwenger.com"] [uri "/member/.env"] [unique_id "aiWSqRDyYj0uFt2z9pIGmQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 14:53:53
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:6:1732:0:171f:c09e:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 10:53:47.082491 2026] [security2:error] [pid 10514:tid 10514] [client 2a02:4780:6:1732:0:171f:c09e:1:58194] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hanlontown.org"] [uri "/api/.env"] [unique_id "aiWF-yuA8YoCfcjG9lDbugAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack