Anonymous
2026-07-14 16:32:11
(7 hours ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ฟ๐ฆ
conure
2026-07-13 12:02:32
(1 day ago)
csagent: score 19.7: secrets grab x2, 404 noise floor x2; 2 domain(s) in 15s
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 05:17:58
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 01:17:50.637050 2026] [security2:error] [pid 10124:tid 10124] [client 47.245.120.164:55202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.cozydesignae.com"] [uri "/.env"] [unique_id "alR0_hfiG_LlhpqmMnoWhQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 04:50:07
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:49:59.721142 2026] [security2:error] [pid 8871:tid 8896] [client 47.245.120.164:40274] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.catch-22productions.com"] [uri "/.git/config"] [unique_id "alRudw0FZXS7pDgAApgS2AAAAFc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 04:25:02
(1 day ago)
suspicious request in access.log
Web App Attack
๐ง๐ช
voormedia
2026-07-13 04:24:11
(1 day ago)
Accessed trap at '/.env'
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 04:15:31
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:15:24.919210 2026] [security2:error] [pid 7324:tid 7324] [client 47.245.120.164:37784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nathsharmaandcompany.com"] [uri "/.env"] [unique_id "alRmXGxH2-hzOJ3bZ91_xQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2026-07-13 04:02:46
(1 day ago)
Probing websites for vulnerabilities
Web App Attack
๐ซ๐ท
masterguru
2026-07-13 04:01:12
(1 day ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 03:56:33
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:56:26.712981 2026] [security2:error] [pid 924:tid 924] [client 47.245.120.164:51948] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lamariposagallery.com"] [uri "/.env"] [unique_id "alRh6thDdJ50aHe_3d3SbAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-07-13 03:44:50
(1 day ago)
dot file probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 03:15:45
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:15:38.355009 2026] [security2:error] [pid 29198:tid 29198] [client 47.245.120.164:33280] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emisoni.com"] [uri "/.env"] [unique_id "alRYWuHeO8WDuul6EwtHJQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
โจ
2026-07-13 02:54:21
(1 day ago)
Domain : redirect.netenergy.uk
Rule : env
2026-07-13 02:52:40 217.194.210.152 GET /.env - 443 - 47.2 ...
show more
Domain : redirect.netenergy.uk
Rule : env
2026-07-13 02:52:40 217.194.210.152 GET /.env - 443 - 47.245.120.164 HTTP/1.1 Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36 - claretealmusic.co.uk 404 0 2 1557 231 207 - -
show less
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-13 02:24:16
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 47.245.120.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 22:24:08.540450 2026] [security2:error] [pid 18987:tid 18987] [client 47.245.120.164:49082] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alexgitlin.com"] [uri "/.env"] [unique_id "alRMSF-JLGPBRj6JmgXPzQAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
london2038.com
2026-07-13 02:21:42
(1 day ago)
Probing for exploits
47.245.120.164 - - [13/Jul/2026:04:21:41 +0200] "GET /.git/config HTTP/1.1" 422 ...
show more
Probing for exploits
47.245.120.164 - - [13/Jul/2026:04:21:41 +0200] "GET /.git/config HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Safari"
47.245.120.164 - - [13/Jul/2026:04:21:42 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (CentOS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36"
show less
Hacking
Web App Attack