๐บ๐ธ
TPI-Abuse
2026-07-16 14:04:59
(43 minutes ago)
(mod_security) mod_security (id:210492) triggered by 99.79.51.57 (ec2-99-79-51-57.ca-central-1.compu ...
show more
(mod_security) mod_security (id:210492) triggered by 99.79.51.57 (ec2-99-79-51-57.ca-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 10:04:53.225289 2026] [security2:error] [pid 1422:tid 1422] [client 99.79.51.57:34918] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "appalachianfolkmagician.com"] [uri "/.git/config"] [unique_id "aljlBQ79QOpm9JLwrSYfNwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 08:24:31
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 99.79.51.57 (ec2-99-79-51-57.ca-central-1.compu ...
show more
(mod_security) mod_security (id:210492) triggered by 99.79.51.57 (ec2-99-79-51-57.ca-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 04:24:24.153739 2026] [security2:error] [pid 22401:tid 22432] [client 99.79.51.57:34688] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "millievelasco.com"] [uri "/.git/config"] [unique_id "aliVOPjr1RUkRhE1hvtPXgAAANg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-16 08:02:31
(6 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-16 01:23:57
(13 hours ago)
cloudlinux2 fail2ban: 2026-07-16 03:19:06,002 fail2ban.filter [1812]: INFO [plesk-wordpre ...
show more
cloudlinux2 fail2ban: 2026-07-16 03:19:06,002 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 173.239.214.190 - 2026-07-16 03:19:04cloudlinux2 fail2ban: 2026-07-16 03:19:09,466 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 173.239.214.190 - 2026-07-16 03:19:08cloudlinux2 fail2ban: 2026-07-16 03:19:06,011 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 173.239.214.220 - 2026-07-16 03:19:04cloudlinux2 fail2ban: 2026-07-16 03:19:54,729 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 193.37.33.140 - 2026-07-16 03:19:51cloudlinux2 fail2ban: 2026-07-16 03:19:54,755 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 193.37.33.150 - 2026-07-16 03:19:51cloudlinux2 fail2ban: 2026-07-16 03:20:05,248 fail2ban.actions [1812]: NOTICE [plesk-wordpress] Unban 103.163.220.162cloudlinux2 fail2ban: 2026-07-16 03:20:05,332 fail2ban.actions [1812]: NOTICE [plesk-wordpress] Unban 103.163.220.164cloudlinux2 fail2ban: 2026-07-16 03:20:05,2
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 00:31:46
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 99.79.51.57 (ec2-99-79-51-57.ca-central-1.compu ...
show more
(mod_security) mod_security (id:210492) triggered by 99.79.51.57 (ec2-99-79-51-57.ca-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:31:39.731613 2026] [security2:error] [pid 9754:tid 9754] [client 99.79.51.57:33258] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "milajarecords.com"] [uri "/.git/config"] [unique_id "algma10r3xU1ns1m-VWr3QAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-15 22:01:41
(16 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-14.
show less
Web App Attack
SSH
Hacking
๐ฉ๐ช
zumbo.net
2026-07-15 16:32:13
(22 hours ago)
[Wed Jul 15 19:32:12.641439 2026] [proxy_fcgi:error] [pid 547080:tid 547109] [client 99.79.51.57:0] ...
show more
[Wed Jul 15 19:32:12.641439 2026] [proxy_fcgi:error] [pid 547080:tid 547109] [client 99.79.51.57:0] AH01071: Got error 'Primary script unknown'
[Wed Jul 15 19:32:12.751683 2026] [proxy_fcgi:error] [pid 547081:tid 547116] [client 99.79.51.57:0] AH01071: Got error 'Primary script unknown'
[Wed Jul 15 19:32:12.866248 2026] [proxy_fcgi:error] [pid 547080:tid 547108] [client 99.79.51.57:0] AH01071: Got error 'Primary script unknown'
[Wed Jul 15 19:32:12.977896 2026] [proxy_fcgi:error] [pid 547081:tid 547124] [client 99.79.51.57:0] AH01071: Got error 'Primary script unknown'
[Wed Jul 15 19:32:13.096306 2026] [proxy_fcgi:error] [pid 547081:tid 547114] [client 99.79.51.57:0] AH01071: Got error 'Primary script unknown'
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-14 18:20:24
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack
๐ซ๐ท
Octopuce
2026-07-14 17:01:57
(1 day ago)
Aggressive web search of vulnerable pages: /.env /.env.local /app/.env /apps/.env /api/.env ...
Web App Attack
๐ซ๐ท
dynamix
2026-07-14 12:18:59
(2 days ago)
Multiple WAF Violations
Web App Attack