Anonymous
2026-07-14 16:32:12
(8 hours ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
Anonymous
2026-07-13 11:25:40
(1 day ago)
"GET /.git/config HTTP/1.1"
Hacking
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-13 04:29:42
(1 day ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 8.222.200.47 (SG/Singapore/-): 2 in ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 8.222.200.47 (SG/Singapore/-): 2 in the last 3600 secs
show less
Web App Attack
Anonymous
2026-07-13 04:10:38
(1 day ago)
Web Server Exposed Git Repository Information Disclosure.
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-13 03:57:57
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:57:54.629436 2026] [security2:error] [pid 6353:tid 6353] [client 8.222.200.47:59744] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "labelrecord.com"] [uri "/.env"] [unique_id "alRiQjZaMtL3OTebGEesBwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 03:29:46
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:29:43.380861 2026] [security2:error] [pid 11778:tid 11778] [client 8.222.200.47:42922] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "guitar-pedals-amp.com"] [uri "/.env"] [unique_id "alRbp9ezrbzgm2dPwbIYQQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 02:52:01
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 22:51:56.395666 2026] [security2:error] [pid 25794:tid 25794] [client 8.222.200.47:55056] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clintcurrin.com"] [uri "/.env"] [unique_id "alRSzNzZUNymdFGpy_xy9wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
โจ
2026-07-13 02:49:13
(1 day ago)
Domain : redirect.netenergy.uk
Rule : env
2026-07-13 02:47:00 217.194.210.152 GET /.env - 443 - 8.22 ...
show more
Domain : redirect.netenergy.uk
Rule : env
2026-07-13 02:47:00 217.194.210.152 GET /.env - 443 - 8.222.200.47 HTTP/1.1 Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 - bumperandfriends.com 404 0 2 1557 228 199 - -
show less
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-13 02:33:29
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 22:31:18.489245 2026] [security2:error] [pid 18367:tid 18367] [client 8.222.200.47:34734] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arkml.com"] [uri "/.git/config"] [unique_id "alRN9u84budcL2-F0cL5AgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 02:17:59
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 22:17:54.246983 2026] [security2:error] [pid 7414:tid 7414] [client 8.222.200.47:47970] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "97201.com"] [uri "/.env"] [unique_id "alRK0hix1opchXOJBAay6gAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 01:10:02
(1 day ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 01:05:40
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 8.222.200.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 21:05:37.084947 2026] [security2:error] [pid 7541:tid 7541] [client 8.222.200.47:46588] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jolankagroup.com"] [uri "/.env"] [unique_id "alQ54eEZuxjF_ift5qiAPgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
voormedia
2026-07-13 01:02:39
(2 days ago)
Accessed trap at '/.env'
Web App Attack
๐ฎ๐ฉ
penjaga BRIN
2026-07-13 00:49:19
(2 days ago)
Suspicious malicious activity
Hacking