๐ณ๐ฑ
homeshowdomain.nl
2026-07-16 22:00:23
(54 minutes ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-15.
show less
Web App Attack
SSH
Hacking
๐ฉ๐ช
Cรฉline
2026-07-16 20:23:40
(2 hours ago)
Shield Guard: RFI/LFI dans 'POST:0' | Command Injection dans 'POST:0' | Mรฉthode POST sur endpoint le ...
show more
Shield Guard: RFI/LFI dans 'POST:0' | Command Injection dans 'POST:0' | Mรฉthode POST sur endpoint lecture seule
show less
SQL Injection
๐ช๐ธ
Francisco Vallejo
2026-07-16 19:42:45
(3 hours ago)
[Thu Jul 16 21:42:43.912778 2026] [core:info] [pid 1852668:tid 126600620250816] [client 35.166.193.2 ...
show more
[Thu Jul 16 21:42:43.912778 2026] [core:info] [pid 1852668:tid 126600620250816] [client 35.166.193.251:51474] AH00128: File does not exist: /var/www/franvallejo/.env
[Thu Jul 16 21:42:44.090324 2026] [core:info] [pid 1852668:tid 126600200844992] [client 35.166.193.251:51474] AH00128: File does not exist: /var/www/franvallejo/.env.local
[Thu Jul 16 21:42:44.274385 2026] [core:info] [pid 1852668:tid 126600192452288] [client 35.166.193.251:51474] AH00128: File does not exist: /var/www/franvallejo/.env.production
[Thu Jul 16 21:42:44.458800 2026] [core:info] [pid 1852668:tid 126600184059584] [client 35.166.193.251:51474] AH00128: File does not exist: /var/www/franvallejo/.env.staging
[Thu Jul 16 21:42:44.816444 2026] [core:info] [pid 1852668:tid 126600150488768] [client 35.166.193.251:51474] AH00128: File does not exist: /var/www/franvallejo/.env.development
...
show less
Brute-Force
SSH
๐ท๐บ
DZBOT
2026-07-16 12:18:52
(10 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 12:13:56
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.166.193.251 (ec2-35-166-193-251.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 35.166.193.251 (ec2-35-166-193-251.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 08:13:52.802001 2026] [security2:error] [pid 1467:tid 1467] [client 35.166.193.251:49714] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bergenoaks.com"] [uri "/.git/config"] [unique_id "aljLALf1R59IuhzygIydoQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-16 09:38:57
(13 hours ago)
cloudlinux2 fail2ban: 2026-07-16 11:34:13,693 fail2ban.filter [1812]: INFO [plesk-wordpre ...
show more
cloudlinux2 fail2ban: 2026-07-16 11:34:13,693 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 136.144.35.93 - 2026-07-16 11:34:13cloudlinux2 fail2ban: 2026-07-16 11:34:14,272 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 136.144.35.89 - 2026-07-16 11:34:13cloudlinux2 fail2ban: 2026-07-16 11:34:14,331 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 136.144.35.77 - 2026-07-16 11:34:13cloudlinux2 fail2ban: 2026-07-16 11:34:13,791 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 136.144.35.96 - 2026-07-16 11:34:13cloudlinux2 fail2ban: 2026-07-16 11:34:29,800 fail2ban.filter [1812]: INFO [plesk-modsecurity] Found 35.166.193.251 - 2026-07-16 11:34:29cloudlinux2 fail2ban: 2026-07-16 11:34:30,965 fail2ban.filter [1812]: INFO [recidive] Found 35.166.193.251 - 2026-07-16 11:34:30cloudlinux2 fail2ban: 2026-07-16 11:34:30,190 fail2ban.filter [1812]: INFO [plesk-modsecurity] Found 35.166.193.251 - 2026-07-16 11:34:30cloudlinu
show less
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-07-16 08:46:44
(14 hours ago)
(modsecurity) srv102 ModSecurity 35.166.193.251 (US/United States/ec2-35-166-193-251.us-west-2.compu ...
show more
(modsecurity) srv102 ModSecurity 35.166.193.251 (US/United States/ec2-35-166-193-251.us-west-2.compute.amazonaws.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 06:58:35
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.166.193.251 (ec2-35-166-193-251.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 35.166.193.251 (ec2-35-166-193-251.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 02:58:32.128241 2026] [security2:error] [pid 5092:tid 5092] [client 35.166.193.251:36702] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bentechconstruction.com"] [uri "/.git/config"] [unique_id "aliBGAw9aD-26yhVusIGiwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 06:34:31
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.166.193.251 (ec2-35-166-193-251.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 35.166.193.251 (ec2-35-166-193-251.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 02:34:25.517577 2026] [security2:error] [pid 11197:tid 11197] [client 35.166.193.251:43304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "benshermanguitar.com"] [uri "/.git/config"] [unique_id "alh7cfUJkbjhf0FR8aHMEgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 05:19:58
(17 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.166.193.251 (ec2-35-166-193-251.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 35.166.193.251 (ec2-35-166-193-251.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 01:19:54.903222 2026] [security2:error] [pid 25784:tid 25784] [client 35.166.193.251:57740] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bennefeld.k0cgy.net"] [uri "/.git/config"] [unique_id "alhp-quqKR6hwxZiT2X7OgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 00:31:13
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.166.193.251 (ec2-35-166-193-251.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 35.166.193.251 (ec2-35-166-193-251.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:31:06.485494 2026] [security2:error] [pid 9613:tid 9613] [client 35.166.193.251:50834] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bencramer.net"] [uri "/.git/config"] [unique_id "algmSmr4Me7UjIlKEe1hFwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-15 23:31:53
(23 hours ago)
608 requests with url.path *phpinfo.php
Brute-Force
Bad Web Bot
๐ณ๐ฑ
Site.eu
2026-07-15 20:38:00
(1 day ago)
Excessive 404/403 errors
Brute-Force
๐ณ๐ฑ
homeshowdomain.nl
2026-07-14 22:00:48
(2 days ago)
Auto-ban: >3000 req/min op 2026-07-14
Web App Attack
SSH
Hacking
Anonymous
2026-07-14 14:43:00
(2 days ago)
Multiple web server 400 error codes from same source ip
Web App Attack