๐บ๐ธ
TPI-Abuse
2026-07-16 06:52:59
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.38.34.208 (ec2-13-38-34-208.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 13.38.34.208 (ec2-13-38-34-208.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 02:52:56.356620 2026] [security2:error] [pid 8331:tid 8331] [client 13.38.34.208:34902] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.texasfurnitureinc.spyasociados.com"] [uri "/.git/config"] [unique_id "alh_yBQhSi1D6Ipx0g7o7QAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 01:38:38
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.38.34.208 (ec2-13-38-34-208.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 13.38.34.208 (ec2-13-38-34-208.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 21:38:31.719913 2026] [security2:error] [pid 1671:tid 1671] [client 13.38.34.208:48650] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.test.surviquo.com"] [uri "/.git/config"] [unique_id "alg2F3TkMO3gqFZppJgJfQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 01:02:34
(13 hours ago)
13.38.34.208 - - [16/Jul/2026:03:02:31 +0200] "GET / HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Macintosh ...
show more
13.38.34.208 - - [16/Jul/2026:03:02:31 +0200] "GET / HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
13.38.34.208 - - [16/Jul/2026:03:02:32 +0200] "POST / HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
13.38.34.208 - - [16/Jul/2026:03:02:32 +0200] "POST / HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
13.38.34.208 - - [16/Jul/2026:03:02:32 +0200] "POST / HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
13.38.34.208 - - [16/Jul/2026:03:02:32 +0200] "GET /.git/config HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
1
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 00:54:48
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.38.34.208 (ec2-13-38-34-208.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 13.38.34.208 (ec2-13-38-34-208.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:54:41.352341 2026] [security2:error] [pid 22775:tid 22775] [client 13.38.34.208:37870] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.testsite.etudesoftware.com"] [uri "/.git/config"] [unique_id "algr0VNbjV2cPUMido7xAQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-15 17:40:10
(21 hours ago)
Excessive 404/403 errors
Brute-Force
๐ฌ๐ง
consul.to
2026-07-15 17:29:30
(21 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐ฎ๐น
VHosting
2026-07-15 17:10:08
(21 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
Anonymous
2026-07-15 16:25:26
(22 hours ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-15 15:58:57
(22 hours ago)
cloudlinux2 fail2ban: 2026-07-15 17:54:04,755 fail2ban.filter [1812]: INFO [plesk-modsecu ...
show more
cloudlinux2 fail2ban: 2026-07-15 17:54:04,755 fail2ban.filter [1812]: INFO [plesk-modsecurity] Found 128.234.112.12 - 2026-07-15 17:54:04cloudlinux2 fail2ban: 2026-07-15 17:54:49,904 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 157.245.122.205 - 2026-07-15 17:54:49cloudlinux2 fail2ban: 2026-07-15 17:55:11,085 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 45.92.229.80 - 2026-07-15 17:55:10cloudlinux2 fail2ban: 2026-07-15 17:55:14,948 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 45.92.229.80 - 2026-07-15 17:55:14cloudlinux2 fail2ban: 2026-07-15 17:55:50,245 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 91.193.232.215 - 2026-07-15 17:55:50cloudlinux2 fail2ban: 2026-07-15 17:56:51,405 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 216.24.219.132 - 2026-07-15 17:56:49cloudlinux2 fail2ban: 2026-07-15 17:57:22,545 fail2ban.actions [1812]: NOTICE [plesk-modsecurity] Unban 47.31.69.160cloudlinux2 fail2ban: 202
show less
Web App Attack
๐ฉ๐ช
LRob
2026-07-15 13:32:27
(1 day ago)
CrowdSec: crowdsecurity/http-sensitive-files | req: /.git/config | 5 distinct paths | UA: Mozilla/5. ...
show more
CrowdSec: crowdsecurity/http-sensitive-files | req: /.git/config | 5 distinct paths | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
show less
Hacking