๐ฉ๐ช
SwinT
2026-07-08 02:00:03
(10 hours ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-04 21:59:09
(3 days ago)
Auto-ban: >3000 req/min op 2026-07-04
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-04 03:05:17
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 23:05:09.799124 2026] [security2:error] [pid 9523:tid 9523] [client 104.28.225.121:38772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sciencehumanitiespress.com.banis-associates.com"] [uri "/backend/.env"] [unique_id "akh4ZVpPQUNi79Jo1m7VAAAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 22:52:26
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:52:18.205661 2026] [security2:error] [pid 3997:tid 3997] [client 104.28.225.121:24179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alaskansupernip.com"] [uri "/.env.local.copy"] [unique_id "akg9Iqz_UnoXiCTV7_PHOwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ช
Jim Keir
2026-07-03 22:06:54
(4 days ago)
2026-07-03 22:06:54 104.28.225.121 File scanning, blocking 104.28.225.121 for 5 minutes
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:04:12
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:04:07.085380 2026] [security2:error] [pid 13754:tid 13754] [client 104.28.225.121:11266] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.cassandramarisalon.com"] [uri "/.git/HEAD"] [unique_id "akgjxxR3tw9JryXq_ZtCSwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-03 19:51:55
(4 days ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 17:41:48
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 13:41:44.407803 2026] [security2:error] [pid 23243:tid 23262] [client 104.28.225.121:22097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "possibilitywhisperer.teritemme.com"] [uri "/.env"] [unique_id "akf0WDSqiz-J35GzoYMg8AAAAhA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-03 13:04:26
(4 days ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.28.225.121 (BR/Brazil/-): 1 in th ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 104.28.225.121 (BR/Brazil/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ซ๐ท
COMAITE
2026-07-03 09:32:22
(5 days ago)
Suspicious URL access.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 08:14:21
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:14:17.622927 2026] [security2:error] [pid 11662:tid 11662] [client 104.28.225.121:37143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "isyourcorporationsafe.com.alanmariotti.com"] [uri "/app/.env"] [unique_id "akdvWbGl8T_8gOhl8LZ6wgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 04:59:58
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.28.225.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:59:50.806835 2026] [security2:error] [pid 17736:tid 17736] [client 104.28.225.121:44998] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.arapi.org"] [uri "/.git/HEAD"] [unique_id "akdBxoMssHfkDM_Jf1RkxQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2026-06-10 03:51:49
(4 weeks ago)
20 attempts against mh-misbehave-ban on guava
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Savvii
2026-06-08 23:04:45
(4 weeks ago)
20 attempts against mh_ha-misbehave-ban on radon
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-06-07 13:44:50
(1 month ago)
Detected mail brute force attack from 4 different servers
Brute-Force