๐ณ๐ฑ
homeshowdomain.nl
2026-07-19 21:59:23
(1 hour ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-18.
show less
Web App Attack
SSH
Hacking
๐ณ๐ฑ
homeshowdomain.nl
2026-07-18 22:01:24
(1 day ago)
Auto-ban: >3000 req/min op 2026-07-18
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-18 06:52:26
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 54.196.53.179 (ec2-54-196-53-179.compute-1.amaz ...
show more
(mod_security) mod_security (id:210492) triggered by 54.196.53.179 (ec2-54-196-53-179.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 02:52:21.713039 2026] [security2:error] [pid 2830723:tid 2830723] [client 54.196.53.179:50022] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meomy.us"] [uri "/.git/config"] [unique_id "alsipVvI6bZ5-EP30Z4zCwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
Origon
2026-07-18 05:01:37
(1 day ago)
http-sensitive-files - IP: 54.196.53.179 - time="2026-07-18T07:01:37+02:00" level=info msg="(555f66 ...
show more
http-sensitive-files - IP: 54.196.53.179 - time="2026-07-18T07:01:37+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 54.196.53.179 (US/14618) : 4h ban on Ip 54.196.53.179" module=db
show less
Web App Attack
๐ซ๐ฎ
NoaQT
2026-07-18 03:55:57
(1 day ago)
2026-07-18T03:55:56.760307+00:00 ingress-1 haproxy[237]: 54.196.53.179:46588 [18/Jul/2026:03:55:56.7 ...
show more
2026-07-18T03:55:56.760307+00:00 ingress-1 haproxy[237]: 54.196.53.179:46588 [18/Jul/2026:03:55:56.760] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 53/53/0/0/0 0/0 "GET /.env.prod HTTP/1.1"
2026-07-18T03:55:56.859814+00:00 ingress-1 haproxy[237]: 54.196.53.179:46588 [18/Jul/2026:03:55:56.859] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 53/53/0/0/0 0/0 "GET /.env.stage HTTP/1.1"
2026-07-18T03:55:56.959521+00:00 ingress-1 haproxy[237]: 54.196.53.179:46588 [18/Jul/2026:03:55:56.958] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 53/53/0/0/0 0/0 "GET /.env.ci HTTP/1.1"
2026-07-18T03:55:57.058970+00:00 ingress-1 haproxy[237]: 54.196.53.179:46588 [18/Jul/2026:03:55:57.058] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 53/53/0/0/0 0/0 "GET /.env.docker HTTP/1.1"
2026-07-18T03:55:57.158199+00:00 ingress-1 haproxy[237]: 54.196.53.179:46588 [18/Jul/2026:03:55:57.157] https_in~ https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 53/53/0/0/0 0/0 "GET /.env
...
show less
DDoS Attack
Anonymous
2026-07-18 01:06:15
(1 day ago)
Blocked: Reason='High 404 error volume (> 1000 in 60 min)'; Requests=1052
Hacking
๐ณ๐ฑ
Site.eu
2026-07-16 22:21:11
(3 days ago)
Excessive 404/403 errors
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-16 22:04:54
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 54.196.53.179 (ec2-54-196-53-179.compute-1.amaz ...
show more
(mod_security) mod_security (id:210492) triggered by 54.196.53.179 (ec2-54-196-53-179.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 18:04:48.119867 2026] [security2:error] [pid 31985:tid 31985] [client 54.196.53.179:40238] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paulpasquali.accordionclub.org"] [uri "/.git/config"] [unique_id "allVgGJryzwgHJxz-t-5TwAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:53:17
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 54.196.53.179 (ec2-54-196-53-179.compute-1.amaz ...
show more
(mod_security) mod_security (id:210492) triggered by 54.196.53.179 (ec2-54-196-53-179.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:53:10.183385 2026] [security2:error] [pid 13565:tid 13589] [client 54.196.53.179:54320] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "charteredwealthmanager.com"] [uri "/.git/config"] [unique_id "alk2pjbvJO03tqTEramCqQAAAJE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-16 18:59:14
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:57:50
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 54.196.53.179 (ec2-54-196-53-179.compute-1.amaz ...
show more
(mod_security) mod_security (id:210492) triggered by 54.196.53.179 (ec2-54-196-53-179.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:57:46.594416 2026] [security2:error] [pid 31397:tid 31397] [client 54.196.53.179:33554] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.montepulciano.org"] [uri "/.git/config"] [unique_id "alkpqtvdJ9d9Ydz1uOC6bgAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack