πΊπΈ
TPI-Abuse
2026-06-30 15:51:12
(38 minutes ago)
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 11:51:06.987573 2026] [security2:error] [pid 16338:tid 16338] [client 47.79.78.48:44288] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drkerryklett.com"] [uri "/.env.development.local"] [unique_id "akPl6lwet6pc8cQxyAiHCwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
netclix.gr
2026-06-30 15:04:17
(1 hour ago)
(mod_security) mod_security triggered on hostname [redacted] 47.79.78.48 (HK/Hong Kong/-): (CF_ENAB ...
show more
(mod_security) mod_security triggered on hostname [redacted] 47.79.78.48 (HK/Hong Kong/-): (CF_ENABLE)
show less
SQL Injection
π©πͺ
big-cloud.nl
2026-06-30 13:57:48
(2 hours ago)
Try to access /src/.env
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 13:45:21
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 09:45:16.516034 2026] [security2:error] [pid 19634:tid 19634] [client 47.79.78.48:38692] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thenewplantation.org"] [uri "/.env.local"] [unique_id "akPIbLMXfGvnCqntxp0obgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-30 12:06:16
(4 hours ago)
Multiple web server 400 error codes from same source ip
Web App Attack
π©πͺ
itsolon
2026-06-30 08:51:46
(7 hours ago)
[30/Jun/2026:10:51:44 +0200] 178280950427.621414 47.79.78.48 34552 217.154.7.177 443
[30/Jun/2026:10 ...
show more
[30/Jun/2026:10:51:44 +0200] 178280950427.621414 47.79.78.48 34552 217.154.7.177 443
[30/Jun/2026:10:51:44 +0200] 178280950442.132697 47.79.78.48 34552 217.154.7.177 443
[30/Jun/2026:10:51:44 +0200] 178280950485.366838 47.79.78.48 34552 217.154.7.177 443
[30/Jun/2026:10:51:45 +0200] 178280950535.425413 47.79.78.48 34552 217.154.7.177 443
[30/Jun/2026:10:51:45 +0200] 17828095059.513223 47.79.78.48 34552 217.154.7.177 443
...
show less
Port Scan
Hacking
Brute-Force
Web App Attack
π¬π§
djboddington
2026-06-30 08:14:57
(8 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
π³π±
Mangelot Hosting
2026-06-30 08:03:38
(8 hours ago)
(modsecurity) srv201 ModSecurity 47.79.78.48 (HK/Hong Kong/-): 10 in the last 3600 secs; Ports: *; D ...
show more
(modsecurity) srv201 ModSecurity 47.79.78.48 (HK/Hong Kong/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 07:04:00
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:03:56.255945 2026] [security2:error] [pid 9896:tid 9896] [client 47.79.78.48:47792] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naturalpozzolanassociation.org"] [uri "/.env.bak"] [unique_id "akNqXIxjUMp53ATZu2btDAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 06:47:45
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:47:36.486344 2026] [security2:error] [pid 17033:tid 17033] [client 47.79.78.48:50970] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gasoilliquidsdaily.com"] [uri "/.env.development"] [unique_id "akNmiLjd5I_EPTau179Y6gAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
e.fierstra
2026-06-30 06:15:50
(10 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 06:04:57
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:04:48.940277 2026] [security2:error] [pid 29409:tid 29409] [client 47.79.78.48:41222] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qatest.soudertonbigred.org"] [uri "/.env.prod"] [unique_id "akNcgPkqO_DBois5BBx_twAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 05:42:44
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 47.79.78.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 01:42:38.049583 2026] [security2:error] [pid 7628:tid 7628] [client 47.79.78.48:55526] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ellesorority.com"] [uri "/.env.staging"] [unique_id "akNXThSz9IMp87HNkrfyGQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-06-26 22:02:59
(3 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25.
show less
Web App Attack
SSH
Hacking
π³π±
homeshowdomain.nl
2026-06-25 22:02:26
(4 days ago)
Auto-ban: >3000 req/min op 2026-06-25
Web App Attack
SSH
Hacking