Anonymous
2026-07-01 04:34:43
(5 days ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
π©πͺ
Melle
2026-06-08 11:47:53
(4 weeks ago)
Blocked by CrowdSec | Scenario: crowdsecurity/http-sensitive-files | 2a02:4780:8:1196:0:357a:54ea:1 ...
show more
Blocked by CrowdSec | Scenario: crowdsecurity/http-sensitive-files | 2a02:4780:8:1196:0:357a:54ea:1 triggered 5 events | Detected: 2026-06-08T11:47:52.857024485Z
show less
Web App Attack
Hacking
π©πͺ
Viveronese
2026-06-08 11:35:26
(4 weeks ago)
HTTP vulnerability scanning
Web App Attack
π¦πΊ
Anytech
2026-06-08 11:30:41
(4 weeks ago)
Blocked by Conn-Monitor: Web scanning activity
Hacking
Web App Attack
π©πͺ
ger-stg-sifi1
2026-06-08 08:06:43
(4 weeks ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 06:37:31
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:37:24.470232 2026] [security2:error] [pid 16785:tid 16785] [client 2a02:4780:8:1196:0:357a:54ea:1:23526] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "themadwriter.us"] [uri "/member/.env"] [unique_id "aiZjJIl85WymAlBe3zfJ8wAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 05:59:11
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:59:05.123721 2026] [security2:error] [pid 21689:tid 21689] [client 2a02:4780:8:1196:0:357a:54ea:1:46324] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mavikalem.org"] [uri "/member/.env"] [unique_id "aiZaKbz2Emij1hYpPiuzAAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
gadix
2026-06-08 03:07:16
(4 weeks ago)
[08/Jun/2026:05:07:14.653917 +0200] aiYx4rPk1oOYF41bUbv1iQAAAIE 2a02:4780:8:1196:0:357a:54ea:1 58310 ...
show more
[08/Jun/2026:05:07:14.653917 +0200] aiYx4rPk1oOYF41bUbv1iQAAAIE 2a02:4780:8:1196:0:357a:54ea:1 58310 127.0.0.1 7081
[08/Jun/2026:05:07:14.654570 +0200] aiYx4nBAfjtx80KEArX2fQAAAFA 2a02:4780:8:1196:0:357a:54ea:1 58324 127.0.0.1 7081
[08/Jun/2026:05:07:14.657058 +0200] aiYx4rPk1oOYF41bUbv1igAAAIY 2a02:4780:8:1196:0:357a:54ea:1 58330 127.0.0.1 7081
...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 02:05:25
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:05:18.006971 2026] [security2:error] [pid 28378:tid 28378] [client 2a02:4780:8:1196:0:357a:54ea:1:38260] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toxicwater.com"] [uri "/laravel/.env"] [unique_id "aiYjXm5DVyWHF6RNIXsQjwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
Lunix
2026-06-08 00:45:44
(4 weeks ago)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-07 23:42:47
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:42:42.011171 2026] [security2:error] [pid 26612:tid 26627] [client 2a02:4780:8:1196:0:357a:54ea:1:23670] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "myrasnyder.com"] [uri "/app/.env"] [unique_id "aiYB8hppmsPpDr-WrCgJJgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-07 22:52:36
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:52:30.966308 2026] [security2:error] [pid 17667:tid 17667] [client 2a02:4780:8:1196:0:357a:54ea:1:39816] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "taylors.us"] [uri "/dev/.env"] [unique_id "aiX2LuLYv4DEaVFrD0fVRgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-06-07 22:07:32
(4 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-06.
show less
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-06-07 21:57:16
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2a02:4780:8:1196:0:357a:54ea:1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:57:09.492240 2026] [security2:error] [pid 9728:tid 9754] [client 2a02:4780:8:1196:0:357a:54ea:1:51354] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lavonnesells.com"] [uri "/.env"] [unique_id "aiXpNZbEZi6QWFGp3MU6OAAAARI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
pm33
2026-06-07 21:55:06
(4 weeks ago)
Excessive crawling HTTP 404
Web App Attack