๐ณ๐ฑ
homeshowdomain.nl
2025-11-28 23:02:19
(7 months ago)
Auto-ban: >3000 req/min op 2025-11-28
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2025-11-28 10:26:39
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 3.96.151.85 (ec2-3-96-151-85.ca-central-1.compu ...
show more
(mod_security) mod_security (id:210492) triggered by 3.96.151.85 (ec2-3-96-151-85.ca-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 05:26:33.703832 2025] [security2:error] [pid 24468:tid 24468] [client 3.96.151.85:41680] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "slimlaw.com"] [uri "/.git/config"] [unique_id "aSl42Uiw_ttgtnsZlqkpAQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-28 10:01:55
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 3.96.151.85 (ec2-3-96-151-85.ca-central-1.compu ...
show more
(mod_security) mod_security (id:210492) triggered by 3.96.151.85 (ec2-3-96-151-85.ca-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 05:01:51.053349 2025] [security2:error] [pid 7204:tid 7217] [client 3.96.151.85:56442] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "slelectric.com"] [uri "/.git/config"] [unique_id "aSlzD_S3KS_BGaHF2OeI0AAAAQs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-28 09:41:53
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 3.96.151.85 (ec2-3-96-151-85.ca-central-1.compu ...
show more
(mod_security) mod_security (id:210492) triggered by 3.96.151.85 (ec2-3-96-151-85.ca-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 04:41:46.707946 2025] [security2:error] [pid 15118:tid 15118] [client 3.96.151.85:46950] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "slcflyers.com.rollinchassis.com"] [uri "/.git/config"] [unique_id "aSluWlETocBD_v8uI_aKlwAAAG4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ถ๐ฆ
mburaks
2025-11-28 08:18:00
(7 months ago)
"GET /.env.local HTTP/1.1" 404 179 "-" "python-httpx/0.22.0" "3.96.151.85"
"GET /.env.remote HTTP/1 ...
show more
"GET /.env.local HTTP/1.1" 404 179 "-" "python-httpx/0.22.0" "3.96.151.85"
"GET /.env.remote HTTP/1.1" 404 179 "-" "python-httpx/0.22.0" "3.96.151.85"
"GET /.env.production HTTP/1.1" 404 179 "-" "python-httpx/0.22.0" "3.96.151.85"
"GET /phpinfo HTTP/1.1" 404 179 "-" "python-httpx/0.22.0" "3.96.151.85"
"GET /info.php HTTP/1.1" 404 179 "-" "python-httpx/0.22.0" "3.96.151.85"
"GET /_profiler/phpinfo HTTP/1.1" 404 179 "-" "python-httpx/0.22.0" "3.96.151.85"
"GET /php_info.php HTTP/1.1" 404 179 "-" "python-httpx/0.22.0" "3.96.151.85"
"GET /test.php HTTP/1.1" 404 179 "-" "python-httpx/0.22.0" "3.96.151.85"
show less
Brute-Force
Bad Web Bot
Anonymous
2025-11-28 07:59:50
(7 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_MODSEC
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-11-28 00:52:18
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 3.96.151.85 (ec2-3-96-151-85.ca-central-1.compu ...
show more
(mod_security) mod_security (id:210492) triggered by 3.96.151.85 (ec2-3-96-151-85.ca-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 19:52:15.416961 2025] [security2:error] [pid 21361:tid 21361] [client 3.96.151.85:54924] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shorelineshowerdoor.com"] [uri "/.git/config"] [unique_id "aSjyP-AaN7QaDtGwZF6vlgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2025-11-27 22:16:52
(7 months ago)
BAD BOT - Detected and Blocked.. Matched phrase "python" at REQUEST_HEADERS:User-Agent. (1100000-196 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "python" at REQUEST_HEADERS:User-Agent. (1100000-196)
show less
Bad Web Bot
๐ฎ๐ช
abassolsa
2025-11-27 22:07:31
(7 months ago)
3.96.151.85 - - [27/Nov/2025:22:07:30 +0000] "GET /phpinfo.php HTTP/1.1" 404 37859 "-" "python-httpx ...
show more
3.96.151.85 - - [27/Nov/2025:22:07:30 +0000] "GET /phpinfo.php HTTP/1.1" 404 37859 "-" "python-httpx/0.22.0"
3.96.151.85 - - [27/Nov/2025:22:07:31 +0000] "GET /phpinfo HTTP/1.1" 404 37848 "-" "python-httpx/0.22.0"
...
show less
Brute-Force
Bad Web Bot
SSH
Anonymous
2025-11-27 22:06:05
(7 months ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐ซ๐ฎ
YF
2025-11-27 22:00:50
(7 months ago)
404 errors (Vulnerability scan)
Brute-Force
Web App Attack
๐ฐ๐ท
tmmmzk
2025-11-27 20:28:20
(7 months ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Hacking
Web App Attack
Anonymous
2025-11-27 18:04:14
(7 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH