Anonymous
2025-11-30 16:21:46
(7 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ณ๐ฑ
Site.eu
2025-11-30 12:58:45
(7 months ago)
Excessive 404/403 errors
Brute-Force
๐ฆ๐บ
screwlooseit.com.au
2025-11-30 12:50:51
(7 months ago)
Blocked by CSF 13 firewall - Rule: config-dotfile
US/United States/ec2-13-37-211-183.eu-west-3.compu ...
show more
Blocked by CSF 13 firewall - Rule: config-dotfile
US/United States/ec2-13-37-211-183.eu-west-3.compute.amazonaws.com
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-30 12:32:50
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 13.37.211.183 (ec2-13-37-211-183.eu-west-3.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 13.37.211.183 (ec2-13-37-211-183.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 30 07:32:45.100550 2025] [security2:error] [pid 28057:tid 28057] [client 13.37.211.183:35406] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "microdot.net"] [uri "/wp-config.php.old"] [unique_id "aSw5bZQI93ZFF37Uh9_1UAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Antifraud Email
2025-04-20 07:23:00
(1 year ago)
Suspicious activity: automated scanning for WordPress installations across multiple domains (/wp and ...
show more
Suspicious activity: automated scanning for WordPress installations across multiple domains (/wp and /wordpress paths). Hundreds of 404 errors in a short period, likely probing for vulnerabilities.
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
LotPhantom
2025-04-20 00:49:31
(1 year ago)
13.37.211.183 - - [20/Apr/2025:00:48:30 +0000] "GET / HTTP/1.1" 404 548 "www.google.com" "Mozilla/5. ...
show more
13.37.211.183 - - [20/Apr/2025:00:48:30 +0000] "GET / HTTP/1.1" 404 548 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36" "0"
...
show less
Web App Attack
๐บ๐ธ
Rip
2025-04-19 21:24:41
(1 year ago)
Excessive 404 errors - maxretry exceeded.
...
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2025-04-19 20:10:32
(1 year ago)
Brute force basic-auth access
Web App Attack
๐ณ๐ฟ
Tripwire
2025-04-19 18:17:33
(1 year ago)
Fake referrer "www.google.com"
Bad Web Bot
๐บ๐ธ
Epimetheus
2025-04-19 17:12:44
(1 year ago)
Unauthorized access attempts:
From:
13.37.211.183
Method:
HTTP GET
URI Path:
/blog
UA:
"Mozi ...
show more
Unauthorized access attempts:
From:
13.37.211.183
Method:
HTTP GET
URI Path:
/blog
UA:
"Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36"
show less
Web App Attack
๐ฉ๐ช
0x44
2025-04-19 14:26:49
(1 year ago)
2025/04/19 [ * Spam host detected, probing for vulnerabilities]
...
Web Spam
Exploited Host
Web App Attack
Anonymous
2025-04-19 14:21:55
(1 year ago)
13.37.211.183 - - [19/Apr/2025:16:21:26 +0200] "GET / HTTP/1.1" 487 0 "www.google.com" "Mozilla/5.0 ...
show more
13.37.211.183 - - [19/Apr/2025:16:21:26 +0200] "GET / HTTP/1.1" 487 0 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36"
13.37.211.183 - - [19/Apr/2025:16:21:35 +0200] "GET /wp HTTP/1.1" 487 0 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36"
13.37.211.183 - - [19/Apr/2025:16:21:41 +0200] "GET /wordpress HTTP/1.1" 487 0 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36"
13.37.211.183 - - [19/Apr/2025:16:21:45 +0200] "GET /matrix HTTP/1.1" 487 0 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36"
13.37.211.183 -
...
show less
Web App Attack
๐จ๐ฆ
polycoda
2025-04-19 12:12:18
(1 year ago)
๐ Probes for tons of inexistent directory listings
Hacking
Web App Attack
๐บ๐ธ
Gabriel Camargo
2025-04-19 09:30:22
(1 year ago)
13.37.211.183 - - [19/Apr/2025:04:30:17 -0500] "GET / HTTP/1.1" 301 178 "www.google.com" "Mozilla/5. ...
show more
13.37.211.183 - - [19/Apr/2025:04:30:17 -0500] "GET / HTTP/1.1" 301 178 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36"
13.37.211.183 - - [19/Apr/2025:04:30:20 -0500] "GET /wp HTTP/1.1" 301 178 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36"
13.37.211.183 - - [19/Apr/2025:04:30:22 -0500] "GET /wordpress HTTP/1.1" 301 178 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36"
...
show less
Brute-Force
SSH
๐ฆ๐บ
MAGIC
2025-04-19 07:05:29
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot