๐บ๐ธ
antlac1
2026-07-17 04:52:27
(13 minutes ago)
crowdsecurity/http-probing
Brute-Force
Web App Attack
Anonymous
2026-07-16 13:06:10
(16 hours ago)
Blocked: Reason='Vulnerability probing โ PHP scan detected (41/60 min)'; Requests=41
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-16 09:49:36
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 3.252.104.53 (ec2-3-252-104-53.eu-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 3.252.104.53 (ec2-3-252-104-53.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 05:49:33.088696 2026] [security2:error] [pid 25778:tid 25778] [client 3.252.104.53:39724] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "realestateinpalmbeachflorida.com"] [uri "/.git/config"] [unique_id "alipLQHK8ZqXvWyT3GgAQgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 08:30:21
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 3.252.104.53 (ec2-3-252-104-53.eu-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 3.252.104.53 (ec2-3-252-104-53.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 04:30:16.470090 2026] [security2:error] [pid 8741:tid 8741] [client 3.252.104.53:34664] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "realclean.net"] [uri "/.git/config"] [unique_id "aliWmA7mZHzISQnfNgy5OAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 06:23:39
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 3.252.104.53 (ec2-3-252-104-53.eu-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 3.252.104.53 (ec2-3-252-104-53.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 02:23:33.791276 2026] [security2:error] [pid 12617:tid 12617] [client 3.252.104.53:37642] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "readyaiminspire.com"] [uri "/.git/config"] [unique_id "alh45X3WZ9HofCweAc5S_wAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 00:36:44
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.252.104.53 (ec2-3-252-104-53.eu-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 3.252.104.53 (ec2-3-252-104-53.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:36:38.513047 2026] [security2:error] [pid 11511:tid 11589] [client 3.252.104.53:33130] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "re52s.com"] [uri "/.git/config"] [unique_id "algnlvHosP7RPh0Ke06GxgAAAdM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-15 22:01:13
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-14.
show less
Web App Attack
SSH
Hacking
๐ซ๐ท
masterguru
2026-07-15 20:05:26
(1 day ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
๐ธ๐ช
vaia.cloud
2026-07-15 16:56:01
(1 day ago)
trying wp-login.php/xmlrpc.php 213 times in 1 minutes
Brute-Force
Web App Attack
๐ธ๐ช
konseptit
2026-07-15 14:49:59
(1 day ago)
(mod_security) mod_security triggered on hostname [redacted] 3.252.104.53 (IE/Ireland/ec2-3-252-104- ...
show more
(mod_security) mod_security triggered on hostname [redacted] 3.252.104.53 (IE/Ireland/ec2-3-252-104-53.eu-west-1.compute.amazonaws.com)
show less
SQL Injection
๐ฎ๐น
CoreTech srl
2026-07-15 13:08:57
(1 day ago)
cloudlinux2 fail2ban: 2026-07-15 15:03:53,983 fail2ban.filter [1812]: INFO [plesk-wordpre ...
show more
cloudlinux2 fail2ban: 2026-07-15 15:03:53,983 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 209.87.169.30 - 2026-07-15 15:03:53cloudlinux2 fail2ban: 2026-07-15 15:06:14,558 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 45.132.227.243 - 2026-07-15 15:06:13cloudlinux2 fail2ban: 2026-07-15 15:07:39,211 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 45.130.83.146 - 2026-07-15 15:07:38cloudlinux2 fail2ban: 2026-07-15 15:07:33,713 fail2ban.filter [1812]: INFO [plesk-modsecurity] Found 77.137.75.77 - 2026-07-15 15:07:33cloudlinux2 fail2ban: 2026-07-15 15:07:59,053 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 125.166.1.102 - 2026-07-15 15:07:57cloudlinux2 fail2ban: 2026-07-15 15:08:02,772 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 185.251.19.141 - 2026-07-15 15:08:02cloudlinux2 fail2ban: 2026-07-15 15:08:02,031 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 125.166.1.102 - 2026-07-15 15:08:00cloudl
show less
Web App Attack
๐ง๐ช
cmbplf
2026-07-15 06:22:35
(1 day ago)
3.988 requests with url.path *.env
702 requests with url.path *phpinfo.php
Brute-Force
Bad Web Bot
Anonymous
2026-07-15 06:14:08
(1 day ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-14 21:59:44
(2 days ago)
Auto-ban: >3000 req/min op 2026-07-14
Web App Attack
SSH
Hacking
๐ฉ๐ช
DocNetzwerk
2026-07-14 17:33:42
(2 days ago)
(mod_security) mod_security triggered on hostname [redacted] 3.252.104.53 (IE/Ireland/ec2-3-252-104- ...
show more
(mod_security) mod_security triggered on hostname [redacted] 3.252.104.53 (IE/Ireland/ec2-3-252-104-53.eu-west-1.compute.amazonaws.com)
show less
SQL Injection