๐ฎ๐น
VHosting
2026-07-08 15:25:05
(3 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-08 14:54:50
(3 days ago)
Multiple WAF Violations
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-08 14:08:27
(3 days ago)
Excessive 404/403 errors
Brute-Force
Anonymous
2026-07-08 13:46:47
(3 days ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-29 18:33:37
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 54.180.79.212 (ec2-54-180-79-212.ap-northeast-2 ...
show more
(mod_security) mod_security (id:210492) triggered by 54.180.79.212 (ec2-54-180-79-212.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 13:33:33.619035 2025] [security2:error] [pid 16655:tid 16655] [client 54.180.79.212:40344] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madisonmedia.ai"] [uri "/.env.local"] [unique_id "aSs8fUgiBKXiT_Yt38Z-TAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2025-11-29 17:50:59
(7 months ago)
Excessive multi-domain requests
Brute-Force
๐บ๐ธ
mnsf
2025-11-29 11:05:08
(7 months ago)
Too many Status 40X (13)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-29 11:00:01
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 54.180.79.212 (ec2-54-180-79-212.ap-northeast-2 ...
show more
(mod_security) mod_security (id:210492) triggered by 54.180.79.212 (ec2-54-180-79-212.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 05:59:55.809798 2025] [security2:error] [pid 10286:tid 10299] [client 54.180.79.212:33148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lucy.abney.info"] [uri "/.env.old"] [unique_id "aSrSK3sb8NmBpACUhRu9ggAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
grassau.com
2025-11-28 23:01:35
(7 months ago)
(mod_security) mod_security triggered on hostname [redacted] 54.180.79.212 (KR/South Korea/ec2-54-18 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 54.180.79.212 (KR/South Korea/ec2-54-180-79-212.ap-northeast-2.compute.amazonaws.com)
show less
SQL Injection
๐ณ๐ฑ
debestelapp
2025-11-28 23:00:13
(7 months ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-28 22:33:39
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 54.180.79.212 (ec2-54-180-79-212.ap-northeast-2 ...
show more
(mod_security) mod_security (id:210492) triggered by 54.180.79.212 (ec2-54-180-79-212.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 17:33:34.601219 2025] [security2:error] [pid 10482:tid 10482] [client 54.180.79.212:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kcdusa.com"] [uri "/.env"] [unique_id "aSojPrMm0sgoCJ0Do0hatQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2025-11-28 22:03:40
(7 months ago)
(mod_security) mod_security triggered on hostname [redacted] 54.180.79.212 (KR/South Korea/ec2-54-18 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 54.180.79.212 (KR/South Korea/ec2-54-180-79-212.ap-northeast-2.compute.amazonaws.com): (CF_ENABLE)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2025-11-28 20:42:45
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 54.180.79.212 (ec2-54-180-79-212.ap-northeast-2 ...
show more
(mod_security) mod_security (id:210492) triggered by 54.180.79.212 (ec2-54-180-79-212.ap-northeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 15:42:38.541477 2025] [security2:error] [pid 6200:tid 6200] [client 54.180.79.212:59622] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.thebestac.com"] [uri "/.git/config"] [unique_id "aSoJPqnGeuqfs9Rs83HGowAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2025-11-28 20:37:21
(7 months ago)
Multiple WAF Violations
Web App Attack
๐ฉ๐ช
dbmwebdesign
2025-11-28 20:35:21
(7 months ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack