Anonymous
2026-07-02 08:02:55
(20 hours ago)
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: KH, Attack patterns: Word ...
show more
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: KH, Attack patterns: WordPress scanning, Backup file probing, Cloud secrets probing
show less
Bad Web Bot
Web App Attack
πͺπΈ
alferez
2026-07-01 19:06:22
(1 day ago)
Searching .(env|sql|zip|tar|rar) files
Hacking
Exploited Host
Web App Attack
Anonymous
2026-07-01 07:02:54
(1 day ago)
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: KH, Attack patterns: Word ...
show more
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: KH, Attack patterns: WordPress scanning, Backup file probing, Cloud secrets probing
show less
Bad Web Bot
Web App Attack
π³π±
Savvii
2026-07-01 06:54:55
(1 day ago)
20 attempts against mh-misbehave-ban on flow
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
ghostwarriors
2026-07-01 06:50:39
(1 day ago)
Attempts against non-existent wp-login
Brute-Force
Web App Attack
π³π±
e.fierstra
2026-07-01 05:53:17
(1 day ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
π©πͺ
wpadm4
2026-07-01 05:25:39
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
π«π·
masterguru
2026-07-01 04:58:30
(2 days ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
π«π·
EDSL
2026-07-01 04:47:59
(2 days ago)
[mail.edsl.fr] Blocked by SysWarden Firewall (Web Attack)
Web App Attack
Hacking
Port Scan
πΊπΈ
TPI-Abuse
2026-07-01 03:23:37
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 38.60.169.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 38.60.169.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 23:23:31.073392 2026] [security2:error] [pid 29343:tid 29343] [client 38.60.169.166:42694] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dbfitwell.com"] [uri "/.env.backup"] [unique_id "akSIM9JTfCqgp6J7DGDKdQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 03:03:20
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 38.60.169.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 38.60.169.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 23:03:15.580495 2026] [security2:error] [pid 12602:tid 12602] [client 38.60.169.166:58664] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hyggewomenscenter.com.spaceritual.net"] [uri "/.env.dev"] [unique_id "akSDc9hukblVk9zx9n-4FgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 02:01:16
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 38.60.169.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 38.60.169.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 22:01:10.346464 2026] [security2:error] [pid 9505:tid 9505] [client 38.60.169.166:36846] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "albionglobalmarketing.com"] [uri "/.env"] [unique_id "akR05l3PwaOdD549rhRz_wAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 01:53:09
(2 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-07-01 01:52:21
(2 days ago)
38.60.169.166 - - [01/Jul/2026:03:52:14 +0200] "GET /wp-config.php.bak HTTP/1.1" 404 118754 "-" "Moz ...
show more
38.60.169.166 - - [01/Jul/2026:03:52:14 +0200] "GET /wp-config.php.bak HTTP/1.1" 404 118754 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
38.60.169.166 - - [01/Jul/2026:03:52:14 +0200] "GET /wp-config.php.bak HTTP/1.1" 404 118501 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
38.60.169.166 - - [01/Jul/2026:03:52:17 +0200] "GET /wp-config.php.old HTTP/1.1" 404 118754 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
38.60.169.166 - - [01/Jul/2026:03:52:17 +0200] "GET /wp-config.php.old HTTP/1.1" 404 118501 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
38.60.169.166 - - [01/Jul/2026:03:52:20 +0200] "GET /wp-config.php.save HTTP/1.1" 404 118754 "-" "Mozill
...
show less
Brute-Force
Web App Attack
π©πͺ
onlyops.app
2026-07-01 01:00:18
(2 days ago)
Web application firewall (ModSecurity) detected malicious traffic | detected by Fail2Ban (plesk-mods ...
show more
Web application firewall (ModSecurity) detected malicious traffic | detected by Fail2Ban (plesk-modsecurity jail) | onlyops.app
show less
Exploited Host