π«π·
MustardLife
2025-09-15 08:29:00
(9 months ago)
Several alerts from FW
Exploited Host
Web App Attack
π³π±
debestelapp
2025-09-15 04:00:05
(9 months ago)
Web App Attack
Anonymous
2025-09-14 15:47:02
(9 months ago)
Spoofed requests
Hacking
Brute-Force
Web App Attack
Anonymous
2025-09-14 15:31:04
(9 months ago)
Restricted File Access Requests
Hacking
Brute-Force
πΊπΈ
TPI-Abuse
2025-09-14 14:08:47
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 18.130.254.169 (ec2-18-130-254-169.eu-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 18.130.254.169 (ec2-18-130-254-169.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 10:08:44.310789 2025] [security2:error] [pid 8731:tid 8731] [client 18.130.254.169:59398] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whitmarshinc.com"] [uri "/.env"] [unique_id "aMbMbKanJFrTLqbtdXFfzQAAAAM"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Savvii
2025-09-14 13:01:46
(9 months ago)
30 attempts against mh-misbehave-ban on iron
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
Aetherweb Ark
2025-09-14 12:34:09
(9 months ago)
(mod_security) mod_security (id:949110) triggered by 18.130.254.169 (GB/United Kingdom/ec2-18-130-25 ...
show more
(mod_security) mod_security (id:949110) triggered by 18.130.254.169 (GB/United Kingdom/ec2-18-130-254-169.eu-west-2.compute.amazonaws.com): N in the last X secs
show less
Web App Attack
π³π΄
tmiland
2025-09-14 10:26:48
(9 months ago)
(nginx_404) Dot directory Honeypot Trap 18.130.254.169 (GB/United Kingdom/ec2-18-130-254-169.eu-west ...
show more
(nginx_404) Dot directory Honeypot Trap 18.130.254.169 (GB/United Kingdom/ec2-18-130-254-169.eu-west-2.compute.amazonaws.com): 2 in the last 3600 secs
show less
Brute-Force
Bad Web Bot
πΊπΈ
TPI-Abuse
2025-09-14 10:18:00
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 18.130.254.169 (ec2-18-130-254-169.eu-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 18.130.254.169 (ec2-18-130-254-169.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 06:17:53.474464 2025] [security2:error] [pid 6086:tid 6127] [client 18.130.254.169:37732] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "proto.wizart.org"] [uri "/.env"] [unique_id "aMaWUTGy1Z0ZqRG-KpBxYgAAAUk"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π¦
Mediashaker
2025-09-14 10:07:04
(9 months ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 18.130.254.169 (GB/Unite ...
show more
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 18.130.254.169 (GB/United Kingdom/ec2-18-130-254-169.eu-west-2.compute.amazonaws.com)
show less
Port Scan
π©πͺ
DocNetzwerk
2025-09-14 09:50:44
(9 months ago)
(mod_security) mod_security triggered on hostname [redacted] 18.130.254.169 (GB/United Kingdom/ec2-1 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 18.130.254.169 (GB/United Kingdom/ec2-18-130-254-169.eu-west-2.compute.amazonaws.com)
show less
SQL Injection
πΊπΈ
TPI-Abuse
2025-09-14 09:02:29
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 18.130.254.169 (ec2-18-130-254-169.eu-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 18.130.254.169 (ec2-18-130-254-169.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 05:02:21.826529 2025] [security2:error] [pid 3570:tid 3570] [client 18.130.254.169:36866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "protection4allsecurity.com"] [uri "/.env"] [unique_id "aMaEnTdqXachU0bXkKxsSwAAAAw"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-09-14 07:33:02
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 18.130.254.169 (ec2-18-130-254-169.eu-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 18.130.254.169 (ec2-18-130-254-169.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 03:32:55.341569 2025] [security2:error] [pid 20143:tid 20143] [client 18.130.254.169:36806] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prostar.industries"] [uri "/.env"] [unique_id "aMZvp9Q5a82UMLX3h3ytRwAAAAY"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-09-14 07:05:06
(9 months ago)
Blocked: Reason='Vulnerability probing β PHP scan detected (30/60 min)'; Requests=30
Port Scan
Anonymous
2025-09-14 06:58:22
(9 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_MODSEC
Brute-Force
SSH