๐บ๐ธ
TPI-Abuse
2026-07-16 12:29:07
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.40.212.31 (ec2-13-40-212-31.eu-west-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 13.40.212.31 (ec2-13-40-212-31.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 08:29:00.326361 2026] [security2:error] [pid 3920:tid 3934] [client 13.40.212.31:46738] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "love-spells-magic.com"] [uri "/.git/config"] [unique_id "aljOjIo2f6eh4Cye4RiQogAAAEg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 10:32:30
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.40.212.31 (ec2-13-40-212-31.eu-west-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 13.40.212.31 (ec2-13-40-212-31.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 06:32:27.336709 2026] [security2:error] [pid 6935:tid 6935] [client 13.40.212.31:49804] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lovelybeyondwords.com"] [uri "/.git/config"] [unique_id "alizOx5KqOwRCM5szlnE6gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 03:44:19
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.40.212.31 (ec2-13-40-212-31.eu-west-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 13.40.212.31 (ec2-13-40-212-31.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 23:44:14.627240 2026] [security2:error] [pid 20313:tid 20313] [client 13.40.212.31:34850] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "louiebluemartini.com"] [uri "/.git/config"] [unique_id "alhTjkqoasu2gOD_zLh21QAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-07-15 20:32:44
(1 day ago)
13.40.212.31 - - [15/Jul/2026:23:32:39 +0300] "GET /.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Windows ...
show more
13.40.212.31 - - [15/Jul/2026:23:32:39 +0300] "GET /.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
13.40.212.31 - - [15/Jul/2026:23:32:44 +0300] "GET /app/.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-14 22:00:43
(2 days ago)
Auto-ban: >3000 req/min op 2026-07-14
Web App Attack
SSH
Hacking
๐ณ๐ฑ
Site.eu
2026-07-14 17:59:16
(2 days ago)
Excessive 404/403 errors
Brute-Force
๐ง๐ช
cmbplf
2026-07-14 16:33:43
(2 days ago)
4.203 requests with url.path *.env
686 requests with url.path *phpinfo.php
Brute-Force
Bad Web Bot
๐ฌ๐ง
consul.to
2026-07-14 13:50:05
(2 days ago)
Web attack/malicious scanning detected
Web App Attack
๐ฉ๐ช
LRob
2026-07-14 13:37:04
(2 days ago)
CrowdSec: crowdsecurity/http-sensitive-files | req: /.env.staging | 5 distinct paths | UA: Mozilla/5 ...
show more
CrowdSec: crowdsecurity/http-sensitive-files | req: /.env.staging | 5 distinct paths | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
show less
Hacking