Anonymous
2026-07-13 02:13:09
(3 days ago)
Web attack
Bad Web Bot
Web App Attack
๐ฎ๐น
Inartis
2026-07-12 20:12:08
(3 days ago)
15.204.58.249 - - [12/Jul/2026:22:11:59 +0200] "GET /.env HTTP/1.1" 302 4021 "-" "Mozilla/5.0 (Windo ...
show more
15.204.58.249 - - [12/Jul/2026:22:11:59 +0200] "GET /.env HTTP/1.1" 302 4021 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.58.249 - - [12/Jul/2026:22:12:03 +0200] "GET /.env.local HTTP/1.1" 302 4021 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
15.204.58.249 - - [12/Jul/2026:22:12:07 +0200] "GET /.env.production HTTP/1.1" 302 4021 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 08:21:11
(4 days ago)
Bot / seems abusive / Apache connections: 38
DDoS Attack
Web Spam
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-07-11 22:05:11
(4 days ago)
Too many Status 40X (12)
Brute-Force
Web App Attack
Anonymous
2026-07-11 21:00:24
(4 days ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-11 19:49:21
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 15:49:15.852691 2026] [security2:error] [pid 24460:tid 24460] [client 15.204.58.249:45012] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ezsmiledental.com"] [uri "/.env"] [unique_id "alKeOyO2bOxyI9mDDGw4ZwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐น
penguin-solutions.at
2026-07-11 19:12:02
(4 days ago)
Excessive 403/404 errors
...
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 19:06:04
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 15:06:01.256659 2026] [security2:error] [pid 20426:tid 20426] [client 15.204.58.249:43654] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ferrarapanfitness.com"] [uri "/.env"] [unique_id "alKUGaaX2q5cTOC3Z6HUsQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
cwytech
2026-07-11 18:33:46
(4 days ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: crowdsecurity/http-probing.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 17:54:08
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 13:54:03.660961 2026] [security2:error] [pid 10283:tid 10283] [client 15.204.58.249:54108] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evolute.io"] [uri "/.env"] [unique_id "alKDOxjgft4DEOqlXEz_nAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 17:37:21
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 13:37:17.105716 2026] [security2:error] [pid 30715:tid 30715] [client 15.204.58.249:40672] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cwidisplays.com"] [uri "/.env"] [unique_id "alJ_TUZ9DO8RKX-30rs1CQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 16:55:36
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 12:55:29.630209 2026] [security2:error] [pid 11537:tid 11537] [client 15.204.58.249:37008] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "essav.net"] [uri "/.env"] [unique_id "alJ1gaqZ1UUPlNvGjAl9PwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 16:37:53
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 15.204.58.249 (vps-21e149d1.vps.ovh.us): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 12:37:47.078998 2026] [security2:error] [pid 498583:tid 498583] [client 15.204.58.249:37182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deckmasterscompany.com"] [uri "/.env"] [unique_id "alJxW9yX09Un-Txk7AfduAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
Dunham Support
2026-07-11 16:18:39
(5 days ago)
(mod_security) mod_security triggered on hostname [redacted] 15.204.58.249 (US/United States/vps-21e ...
show more
(mod_security) mod_security triggered on hostname [redacted] 15.204.58.249 (US/United States/vps-21e149d1.vps.ovh.us)
show less
SQL Injection
Anonymous
2026-07-11 16:06:34
(5 days ago)
(mod_security) mod_security triggered on hostname [redacted] 15.204.58.249 (US/United States/vps-21e ...
show more
(mod_security) mod_security triggered on hostname [redacted] 15.204.58.249 (US/United States/vps-21e149d1.vps.ovh.us)
show less
SQL Injection