Anonymous
2026-07-06 16:34:27
(1 day ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
π³π±
homeshowdomain.nl
2026-07-05 22:02:32
(2 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-04.
show less
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-07-05 01:41:04
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 35.185.26.115 (115.26.185.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.185.26.115 (115.26.185.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 21:40:57.331783 2026] [security2:error] [pid 5152:tid 5152] [client 35.185.26.115:40278] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "videoverse.com"] [uri "/.git/config"] [unique_id "akm2KeYo_L6jq4EcB_CE8gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©π°
ScamAware
2026-07-05 01:29:29
(3 days ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensiti ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensitive files, source control, config, and backups). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom.
show less
Web App Attack
π©πͺ
sdos.es
2026-07-05 01:28:26
(3 days ago)
"Restricted File Access Attempt - Matched Data: /.git/ found within REQUEST_FILENAME: /.git/config"
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-05 01:01:06
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 35.185.26.115 (115.26.185.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.185.26.115 (115.26.185.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 21:01:00.283973 2026] [security2:error] [pid 5826:tid 5826] [client 35.185.26.115:43190] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vib-intl.com"] [uri "/.git/config"] [unique_id "akmszGDD9N_bMPHgApUIqgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
andypiper
2026-07-05 01:01:04
(3 days ago)
CrowdSec ban for AbuseIPDB Top List
Brute-Force
Web App Attack
π©πͺ
FeG Deutschland
2026-07-05 00:51:33
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-05 00:31:30
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 35.185.26.115 (115.26.185.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.185.26.115 (115.26.185.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 20:31:26.615776 2026] [security2:error] [pid 17871:tid 17871] [client 35.185.26.115:38726] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vffv.com"] [uri "/.git/config"] [unique_id "akml3j1d3UtPBdX63tedygAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
LRob
2026-07-05 00:15:03
(3 days ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-05 00:10:43
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 35.185.26.115 (115.26.185.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.185.26.115 (115.26.185.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 20:10:35.252579 2026] [security2:error] [pid 29514:tid 29514] [client 35.185.26.115:42648] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vesalappi.com"] [uri "/.git/config"] [unique_id "akmg-3HFlrPnGuQvD2DrhAAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
wlt-blocker
2026-07-05 00:08:50
(3 days ago)
Unauthorized access to webpage admin
Web App Attack
π·π΄
INTEQ
2026-07-04 23:59:55
(3 days ago)
Web attack from 35.185.26.115
Web App Attack
π¬π§
Oakley
2026-07-04 23:59:42
(3 days ago)
(confirmed_bot_sig) Confirmed bot
Hacking
πΊπΈ
TPI-Abuse
2026-07-04 23:54:11
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 35.185.26.115 (115.26.185.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.185.26.115 (115.26.185.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 19:54:06.695730 2026] [security2:error] [pid 9571:tid 9571] [client 35.185.26.115:40636] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "versahealthcare.com"] [uri "/.git/config"] [unique_id "akmdHqG3Yw69VbQpUcYBbAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack