Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show moreAuto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-14.
show less
{"level":"info","ts":1781515314.0499113,"logger":"http.log.access.log1","msg":"handled request","req ...
show more{"level":"info","ts":1781515314.0499113,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.39.197.82","remote_port":"32782","client_ip":"34.39.197.82","proto":"HTTP/1.1","method":"GET","host":"status.hiltonbreaks.com","uri":"/admin/.env.local","headers":{"User-Agent":["Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.hiltonbreaks.com","ech":false}},"bytes_read":0,"user_id":"","duration":0.00012054,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}}
{"level":"info","ts":1781515314.0519555,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.39.197.82","remote_port":"32916","client_ip":"34.39.197.82","proto":"HTTP/1.1","method":"GET","host"
...
show less
[MonJun1509:05:18.4099382026][security2:error][pid3921116:tid3921138][client34.39.197.82:0]ModSecuri ...
show more[MonJun1509:05:18.4099382026][security2:error][pid3921116:tid3921138][client34.39.197.82:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"volcano.ch.136-243-54-122.cpanel.site\"][uri\"/build/.env\"][unique_id\"ai-kLjRj6IUSlEDyt8bOWAAAARM\"]
show less
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.39.197.82 (BR/Bra ...
show more(apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.39.197.82 (BR/Brazil/82.197.39.34.bc.googleusercontent.com)
show less