๐ฉ๐ช
Selckie
2026-06-08 12:11:11
(3 weeks ago)
fail2ban: NGINX unusual impact
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 12:04:14
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:04:07.981544 2026] [security2:error] [pid 13570:tid 13570] [client 195.35.39.62:40544] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "favourpa.com"] [uri "/admin/.env"] [unique_id "aiavtzvkh4Iw7z1rgr5i9QAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
SwinT
2026-06-08 10:00:06
(3 weeks ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 08:22:47
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 04:22:41.930215 2026] [security2:error] [pid 10836:tid 10881] [client 195.35.39.62:38634] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "southsideeconomic.org"] [uri "/api/.env"] [unique_id "aiZ70SgnvhHg7I1NCmXcIgAAAI0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-08 05:12:43
(3 weeks ago)
Honeytrap
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 04:39:23
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:39:16.383707 2026] [security2:error] [pid 31460:tid 31462] [client 195.35.39.62:32462] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ammisr.com"] [uri "/dev/.env"] [unique_id "aiZHdOYvKk8cmuqiWKQa7QAAAEA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
antlac1
2026-06-08 03:48:10
(3 weeks ago)
crowdsecurity/http-probing
Brute-Force
Web App Attack
๐ท๐บ
DZBOT
2026-06-08 02:07:55
(3 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 01:34:13
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:34:07.624118 2026] [security2:error] [pid 6711:tid 6711] [client 195.35.39.62:23402] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "getmypov.com"] [uri "/admin/.env"] [unique_id "aiYcDxcpat7aowV3TftfDwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
paissangroup
2026-06-08 01:25:46
(3 weeks ago)
Multiple WAF Violations
Web App Attack
๐ฆ๐บ
AWW-Admin
2026-06-08 00:09:25
(3 weeks ago)
(mod_security) mod_security triggered on hostname [redacted] 195.35.39.62 (US/United States/-)
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-07 23:12:35
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:12:28.814499 2026] [security2:error] [pid 1346:tid 1346] [client 195.35.39.62:50056] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sarahgrammer.com"] [uri "/dev/.env"] [unique_id "aiX63FOnXGkto7ZhUNICfwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-06-07 21:28:43
(3 weeks ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 195.35.39.62 (US/United States/-): 2 ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 195.35.39.62 (US/United States/-): 2 in the last 3600 secs
show less
Web App Attack
๐ณ๐ฑ
Savvii
2026-06-07 20:30:02
(3 weeks ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 19:53:42
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 195.35.39.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 15:53:38.760778 2026] [security2:error] [pid 3689:tid 3689] [client 195.35.39.62:50814] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pamolson.org"] [uri "/core/.env.save"] [unique_id "aiXMQilQL3Q9cpIdjqwqigAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack