๐ฌ๐ง
thetomtaylor.co.uk
2026-06-20 13:06:02
(3 weeks ago)
Fail2Ban - [WAF]ModSecurity OWASP CRS rule violation on nginx-modsecurity ... [ice01,ice02,wa01]
Hacking
SQL Injection
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-06-20 10:07:02
(3 weeks ago)
Fail2Ban - [WAF]ModSecurity OWASP CRS rule violation on nginx-modsecurity ... [wa02]
Hacking
SQL Injection
Web App Attack
Anonymous
2026-06-19 02:20:02
(3 weeks ago)
Web App Attack, Hacking
Hacking
Web App Attack
๐ฉ๐ช
Spiderpiggy
2026-06-18 23:16:18
(3 weeks ago)
Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoi ...
show more
Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoint: /test.php
show less
Brute-Force
Bad Web Bot
SSH
๐บ๐ธ
TPI-Abuse
2026-06-18 22:09:32
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 160.176.146.20 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 160.176.146.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 18:09:25.294338 2026] [security2:error] [pid 25803:tid 25803] [client 160.176.146.20:53791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ahsigns.com"] [uri "/.env"] [unique_id "ajRslZ0AavYEnEMF8_wLwwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
netclix.gr
2026-06-18 21:40:23
(3 weeks ago)
(bot_kill_mega) Aggressive Bot Blocked: SemrushBot 160.176.146.20 (MA/Morocco/-): 1 in the last 4600 ...
show more
(bot_kill_mega) Aggressive Bot Blocked: SemrushBot 160.176.146.20 (MA/Morocco/-): 1 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 160.176.146.20 - - [19/Jun/2026:00:40:18 +0300] "GET /info.php HTTP/2.0" 200 38300 "http://nisidressroom.gr/info.php" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
show less
Port Scan
๐จ๐ญ
Origon
2026-06-18 21:40:18
(3 weeks ago)
http-technology-probing - IP: 160.176.146.20 - time="2026-06-18T23:40:17+02:00" level=info msg="(55 ...
show more
http-technology-probing - IP: 160.176.146.20 - time="2026-06-18T23:40:17+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje) alert : crowdsecurity/http-technology-probing by ip 160.176.146.20 (MA/36903)" module=db
show less
Web App Attack
Anonymous
2026-06-18 21:35:02
(3 weeks ago)
suspicious request in access.log
Web App Attack
๐ฆ๐บ
aranguren.org
2026-06-18 21:34:06
(3 weeks ago)
160.176.146.20 - - [19/Jun/2026:07:33:59 +1000] "GET /info.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (X1 ...
show more
160.176.146.20 - - [19/Jun/2026:07:33:59 +1000] "GET /info.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0"
160.176.146.20 - - [19/Jun/2026:07:33:59 +1000] "GET /test.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; rv:115.0) Gecko/20100101 Firefox/115.0"
160.176.146.20 - - [19/Jun/2026:07:34:00 +1000] "GET /info.php HTTP/2.0" 404 16 "https://faucet.luis.im/info.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/125.0.0.0 Safari/537.36"
160.176.146.20 - - [19/Jun/2026:07:34:00 +1000] "GET /test.php HTTP/2.0" 404 16 "https://faucet.luis.im/test.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.5 Safari/605.1.15"
160.176.146.20 - - [19/Jun/2026:07:34:01 +1000] "GET /.env HTTP/1.1" 404 986 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"
160.176.146.20 - - [19/Jun/2026:07:34:05 +1000] "GET /.env HTTP/2.0" 404 1124 "https://faucet.
...
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-18 21:08:18
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 160.176.146.20 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 160.176.146.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 17:08:13.148557 2026] [security2:error] [pid 14908:tid 14908] [client 160.176.146.20:58539] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "presucad.com"] [uri "/.env"] [unique_id "ajRePTg7QNV_ccCiRAk71AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
33three
2026-06-18 21:07:22
(3 weeks ago)
Fail2Ban jail WebAttack triggered
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-18 20:50:46
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 160.176.146.20 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 160.176.146.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 16:50:39.840481 2026] [security2:error] [pid 15800:tid 15815] [client 160.176.146.20:54561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "andeanbouquet.com"] [uri "/.env"] [unique_id "ajRaH_-PmdGDcjZ6E9uSfAAAAMo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
[email protected]
2026-06-18 20:38:35
(3 weeks ago)
160.176.146.20 - - [18/Jun/2026:22:38:34 +0200] "GET /info.php HTTP/2.0" 404 504 "http://diegoweb.ch ...
show more
160.176.146.20 - - [18/Jun/2026:22:38:34 +0200] "GET /info.php HTTP/2.0" 404 504 "http://diegoweb.ch/info.php" "Mozilla/5.0 (compatible; Bingbot/2.0; +http://www.bing.com/bingbot.htm)"
show less
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-18 20:37:46
(3 weeks ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack