π³π±
homeshowdomain.nl
2026-07-16 22:01:30
(2 days ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-07-16 16:44:52
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 18.133.225.148 (ec2-18-133-225-148.eu-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 18.133.225.148 (ec2-18-133-225-148.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:44:46.463630 2026] [security2:error] [pid 961:tid 961] [client 18.133.225.148:52556] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grupo-visalud.com"] [uri "/.git/config"] [unique_id "alkKfuaa90zCCyokz_69rQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 15:29:31
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 18.133.225.148 (ec2-18-133-225-148.eu-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 18.133.225.148 (ec2-18-133-225-148.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:29:27.150119 2026] [security2:error] [pid 3053788:tid 3053788] [client 18.133.225.148:45666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grupoporvenir.com"] [uri "/.git/config"] [unique_id "alj4112S0XXpG5SUQjCHgwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-07-16 14:59:03
(2 days ago)
Excessive 404/403 errors
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-16 14:01:04
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 18.133.225.148 (ec2-18-133-225-148.eu-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 18.133.225.148 (ec2-18-133-225-148.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 10:00:58.867990 2026] [security2:error] [pid 4162522:tid 4162522] [client 18.133.225.148:37756] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grupoimaginarte.com"] [uri "/.git/config"] [unique_id "aljkGpKw40__TefUUMt6YgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-07-16 13:15:24
(2 days ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
π§πͺ
cmbplf
2026-07-16 00:48:58
(2 days ago)
2.948 requests with url.path *.env
Brute-Force
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-15 23:27:32
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 18.133.225.148 (ec2-18-133-225-148.eu-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 18.133.225.148 (ec2-18-133-225-148.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 19:27:28.302572 2026] [security2:error] [pid 16783:tid 16807] [client 18.133.225.148:43268] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/.git/config"] [unique_id "algXYOnZ9D_Fqh1MQVVFrgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-07-15 22:00:33
(3 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-14.
show less
Web App Attack
SSH
Hacking
π«π·
Octopuce
2026-07-15 20:41:53
(3 days ago)
Aggressive web search of vulnerable pages: /.env /.env.local /app/.env /apps/.env /api/.env ...
Web App Attack
π³π±
Mangelot Hosting
2026-07-15 18:50:50
(3 days ago)
(php_susp_dir) srv103 PHP in suspicious dir 18.133.225.148 (GB/United Kingdom/ec2-18-133-225-148.eu- ...
show more
(php_susp_dir) srv103 PHP in suspicious dir 18.133.225.148 (GB/United Kingdom/ec2-18-133-225-148.eu-west-2.compute.amazonaws.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
Anonymous
2026-07-15 18:16:14
(3 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-07-15 15:18:22
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 18.133.225.148 (ec2-18-133-225-148.eu-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 18.133.225.148 (ec2-18-133-225-148.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 11:18:17.294483 2026] [security2:error] [pid 711828:tid 711828] [client 18.133.225.148:58448] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kentuckyminiaturehorsebreeders.org"] [uri "/.git/config"] [unique_id "alekuWQWbuOeFqPQjUmpPAAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack