๐บ๐ธ
TPI-Abuse
2026-07-17 00:58:30
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 18.228.205.6 (ec2-18-228-205-6.sa-east-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 18.228.205.6 (ec2-18-228-205-6.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:58:26.835918 2026] [security2:error] [pid 59534:tid 59534] [client 18.228.205.6:47040] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "appalachianstomp.com"] [uri "/.git/config"] [unique_id "all-MigrpvLKeN5fTYEoigAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-16 22:03:28
(21 hours ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 14:09:12
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 18.228.205.6 (ec2-18-228-205-6.sa-east-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 18.228.205.6 (ec2-18-228-205-6.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 10:09:08.271379 2026] [security2:error] [pid 23194:tid 23238] [client 18.228.205.6:58382] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "malvadocuaderno.emehache.net"] [uri "/.git/config"] [unique_id "aljmBGLq62igbO63FRYFaQAAAI4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 13:07:58
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 18.228.205.6 (ec2-18-228-205-6.sa-east-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 18.228.205.6 (ec2-18-228-205-6.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:07:54.265049 2026] [security2:error] [pid 31019:tid 31019] [client 18.228.205.6:35254] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "malta-boat-registration.com"] [uri "/.git/config"] [unique_id "aljXqhHVAypd4sGHNr2fygAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-16 10:19:55
(1 day ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 07:28:32
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 18.228.205.6 (ec2-18-228-205-6.sa-east-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 18.228.205.6 (ec2-18-228-205-6.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 03:28:28.511427 2026] [security2:error] [pid 20089:tid 20089] [client 18.228.205.6:44248] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maledon.com"] [uri "/.git/config"] [unique_id "aliIHF5jBxiRqZdmiE8lkwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Petros Stefanakis
2026-07-16 04:16:09
(1 day ago)
(mod_security) mod_security triggered on hostname [redacted] 18.228.205.6 (BR/Brazil/ec2-18-228-205- ...
show more
(mod_security) mod_security triggered on hostname [redacted] 18.228.205.6 (BR/Brazil/ec2-18-228-205-6.sa-east-1.compute.amazonaws.com)
show less
SQL Injection
๐ซ๐ท
Octopuce
2026-07-14 23:25:27
(2 days ago)
Aggressive web search of vulnerable pages: /.env /.env.local /app/.env /apps/.env /api/.env ...
Web App Attack
Anonymous
2026-07-14 21:52:09
(2 days ago)
18.228.205.6 - - [14/Jul/2026:23:52:08 +0200] "GET /.git/config HTTP/1.1" 402 891 "-" "Mozilla/5.0 ( ...
show more
18.228.205.6 - - [14/Jul/2026:23:52:08 +0200] "GET /.git/config HTTP/1.1" 402 891 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" ...
show less
Web App Attack
๐ฉ๐ช
pscriptos
2026-07-14 21:04:29
(2 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐ฉ๐ช
FeG Deutschland
2026-07-14 19:11:14
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack