Anonymous
2026-07-01 04:43:09
(7 hours ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ณ๐ฑ
homeshowdomain.nl
2026-06-28 22:01:52
(2 days ago)
Auto-ban: >3000 req/min op 2026-06-28
Web App Attack
SSH
Hacking
๐บ๐ธ
SLSLLC
2026-06-28 14:01:58
(2 days ago)
173.212.208.226 - - [28/Jun/2026:14:01:57 +0000] "GET /.env HTTP/2.0" 403 1927 "-" "Mozilla/5.0 (X11 ...
show more
173.212.208.226 - - [28/Jun/2026:14:01:57 +0000] "GET /.env HTTP/2.0" 403 1927 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-28 13:27:44
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 10:59:10
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 173.212.208.226 (vmi3400515.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 173.212.208.226 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 06:59:06.194197 2026] [security2:error] [pid 2916:tid 2916] [client 173.212.208.226:41696] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bipocmentalhealthcoalition.org"] [uri "/.env"] [unique_id "akD-elhYy7cWZRqyn5p2bwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 10:38:49
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 173.212.208.226 (vmi3400515.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 173.212.208.226 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 06:38:43.024281 2026] [security2:error] [pid 20591:tid 20591] [client 173.212.208.226:37644] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blackcanyonguides.com"] [uri "/.env"] [unique_id "akD5s5wphkeAXoARh0Zj-wAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 10:02:45
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 173.212.208.226 (vmi3400515.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 173.212.208.226 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 06:02:42.030917 2026] [security2:error] [pid 30595:tid 30595] [client 173.212.208.226:54778] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blosoms.org"] [uri "/.env"] [unique_id "akDxQvSWnJXQEjUgljVE_wAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
Countryman
2026-06-28 09:20:14
(3 days ago)
IPS detection: AndroxGh0st.Malware
Hacking
๐จ๐ฟ
Countryman
2026-06-28 09:20:14
(3 days ago)
IPS detection: AndroxGh0st.Malware
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-28 08:51:29
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 173.212.208.226 (vmi3400515.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 173.212.208.226 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:51:24.206086 2026] [security2:error] [pid 19315:tid 19315] [client 173.212.208.226:48620] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bioprotec.us"] [uri "/.env"] [unique_id "akDgjE8cOyyk80s1DhQ01gAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 08:49:02
(3 days ago)
Bot / scanning and/or hacking attempts: POST / HTTP/1.1, GET /.env HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 08:15:05
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 173.212.208.226 (vmi3400515.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 173.212.208.226 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:14:58.014469 2026] [security2:error] [pid 23722:tid 23722] [client 173.212.208.226:46390] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bloomandfleur.com"] [uri "/.env"] [unique_id "akDYAk4MhV3nmZmLGvmTaQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 08:12:36
(3 days ago)
173.212.208.226 - - [28/Jun/2026:10:12:35 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; ...
show more
173.212.208.226 - - [28/Jun/2026:10:12:35 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
show less
Web App Attack
๐ง๐ช
cmbplf
2026-06-28 07:37:25
(3 days ago)
136 requests with url.path *.env
Brute-Force
Bad Web Bot
๐ซ๐ฎ
inlink.ltd
2026-06-28 07:37:20
(3 days ago)
dot file probe
Web App Attack