π©πͺ
neckaralb-admin.de
2026-06-28 12:01:31
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
π³π±
WinnieHoneypots
2026-06-28 09:56:38
(1 day ago)
Brute-Force
Bad Web Bot
Web App Attack
π³π±
BlueWire Hosting
2026-06-28 09:08:13
(1 day ago)
Probing websites for vulnerabilities
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 08:23:19
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 04:23:12.716541 2026] [security2:error] [pid 30622:tid 30622] [client 2a02:c207:2340:515::1:53576] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bervick.com"] [uri "/.env"] [unique_id "akDZ8PaMrRBmh9Prcirn1QAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
ParaBug
2026-06-28 06:08:25
(1 day ago)
2a02:c207:2340:515::1 - - [28/Jun/2026:08:08:25 +0200] "GET /.env HTTP/1.1" 301 4751 "-" "Mozilla/5. ...
show more
2a02:c207:2340:515::1 - - [28/Jun/2026:08:08:25 +0200] "GET /.env HTTP/1.1" 301 4751 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Phishing
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 05:15:20
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 01:15:14.562675 2026] [security2:error] [pid 2980:tid 2980] [client 2a02:c207:2340:515::1:50658] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anthonyanimalclinic.net"] [uri "/.env"] [unique_id "akCt4g4B0rZUT24kIkiI_QAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
foxxelabs
2026-06-28 04:06:33
(1 day ago)
Automated report from FoxxeLabs Sentinel. Path probed: /.env | Project: anseo | Reason(s): Known exp ...
show more
Automated report from FoxxeLabs Sentinel. Path probed: /.env | Project: anseo | Reason(s): Known exploit path: /.env | User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/5
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 02:52:49
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 22:52:45.270522 2026] [security2:error] [pid 24648:tid 24648] [client 2a02:c207:2340:515::1:40976] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "annropp.com"] [uri "/.env"] [unique_id "akCMfX0bsqrUKrnZ2PdEOwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 23:00:45
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 19:00:41.218245 2026] [security2:error] [pid 26104:tid 26104] [client 2a02:c207:2340:515::1:35510] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "animatuevento.com.mx"] [uri "/.env"] [unique_id "akBWGePiZ9hSYiXZJN_YFQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-06-27 22:04:30
(2 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-26.
show less
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-06-27 21:35:49
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:35:43.178917 2026] [security2:error] [pid 21558:tid 21558] [client 2a02:c207:2340:515::1:55624] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "72blues.com"] [uri "/.env"] [unique_id "akBCL44N_rwB2Qob3SKQvgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 21:16:42
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:16:38.795527 2026] [security2:error] [pid 8850:tid 8850] [client 2a02:c207:2340:515::1:47850] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "804web.net"] [uri "/.env"] [unique_id "akA9trqVeJ9GzMJW6GF7cwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 20:16:51
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:16:44.586581 2026] [security2:error] [pid 9178:tid 9178] [client 2a02:c207:2340:515::1:44454] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "36hoursonly.com"] [uri "/.env"] [unique_id "akAvrJ1h7CHvBryFeCCbSAAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 18:21:24
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 14:21:19.654634 2026] [security2:error] [pid 31104:tid 31104] [client 2a02:c207:2340:515::1:59626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "43cambridge.com"] [uri "/.env"] [unique_id "akAUnwtc37YpJZ4qfWcGCwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 17:46:04
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:c207:2340:515::1 (vmi3400515.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 13:45:58.252214 2026] [security2:error] [pid 12416:tid 12416] [client 2a02:c207:2340:515::1:35128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "7livesahead.com"] [uri "/.env"] [unique_id "akAMVoU__2svB_Pp8gxuawAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack