Anonymous
2026-07-10 16:32:31
(21 hours ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ณ๐ฑ
homeshowdomain.nl
2026-07-09 21:59:13
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-08.
show less
Web App Attack
SSH
Hacking
๐ณ๐ฑ
homeshowdomain.nl
2026-07-08 22:03:18
(2 days ago)
Auto-ban: >3000 req/min op 2026-07-08
Web App Attack
SSH
Hacking
Anonymous
2026-07-08 12:20:46
(3 days ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-07-08 10:00:32
(3 days ago)
Environment file probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 09:46:25
(3 days ago)
(mod_security) mod_security (id:949110) triggered by 160.178.215.184 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:949110) triggered by 160.178.215.184 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 05:46:18.670332 2026] [security2:error] [pid 10255:tid 10255] [client 160.178.215.184:54342] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "agoodsign.biz"] [uri "/.env"] [unique_id "ak4caiZ0Q75GPZezWseXMgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-08 09:36:28
(3 days ago)
1.685 requests with url.path *.env
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-08 09:27:20
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 160.178.215.184 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 160.178.215.184 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 05:27:14.541086 2026] [security2:error] [pid 13928:tid 13928] [client 160.178.215.184:58309] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.yourpath.help"] [uri "/.env"] [unique_id "ak4X8rFVB9EiJr-rAWVvJQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
CBJ
2026-07-08 09:15:21
(3 days ago)
fail2ban: apache-filepath-recon
...
Web App Attack
๐ซ๐ท
masterguru
2026-07-08 09:13:47
(3 days ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 09:00:25
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 160.178.215.184 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 160.178.215.184 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 05:00:21.373516 2026] [security2:error] [pid 31408:tid 31433] [client 160.178.215.184:64412] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.colinkyffinmusic.com"] [uri "/.env"] [unique_id "ak4RpZzXKR3WcbHpJYmvXwAAAJc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-08 08:54:24
(3 days ago)
Web attack/malicious scanning detected
Web App Attack
Anonymous
2026-07-08 08:44:27
(3 days ago)
http scanning for .env files
...
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 08:37:16
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 160.178.215.184 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 160.178.215.184 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 04:37:12.487836 2026] [security2:error] [pid 31702:tid 31702] [client 160.178.215.184:49720] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web55.dnchosting.com"] [uri "/.env"] [unique_id "ak4MOAwKw8G0eWL12A8ObAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 07:46:03
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 160.178.215.184 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 160.178.215.184 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 03:45:57.081556 2026] [security2:error] [pid 4637:tid 4637] [client 160.178.215.184:62538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arofish.us"] [uri "/.env"] [unique_id "ak4ANYLYxJzpI9gHM2Cn4gAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack