πΊπΈ
TPI-Abuse
2026-07-16 16:14:54
(3 minutes ago)
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:14:47.918651 2026] [security2:error] [pid 21883:tid 21883] [client 16.171.168.196:40316] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edsantos.biz"] [uri "/.git/config"] [unique_id "alkDd0DKG2SExNK739ay8gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 15:01:28
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:01:21.762492 2026] [security2:error] [pid 29100:tid 29196] [client 16.171.168.196:54224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "e-dome.co.jp"] [uri "/.git/config"] [unique_id "aljyQaAfhAoJeoLeCEJv3gAAAQo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π·πΊ
DZBOT
2026-07-16 14:55:18
(1 hour ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 13:44:22
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:44:17.717565 2026] [security2:error] [pid 1552:tid 1552] [client 16.171.168.196:34496] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edmontonwaterjet.com"] [uri "/.git/config"] [unique_id "aljgMdbcVpHhjKP_D7FdXAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 13:09:39
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:09:32.140251 2026] [security2:error] [pid 24068:tid 24068] [client 16.171.168.196:57006] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edmestonfd.com"] [uri "/.git/config"] [unique_id "aljYDHXoPfXr4odNTb4tGAAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 12:37:49
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 08:37:46.338728 2026] [security2:error] [pid 21976:tid 21976] [client 16.171.168.196:52888] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edlee.biz"] [uri "/.git/config"] [unique_id "aljQmpiM5d3PMzmO4juy8AAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
Vano Ganzzz
2026-07-16 05:29:11
(10 hours ago)
Triggered Cloudflare WAF (firewallCustom) from SE.
Action taken: BLOCK
ASN: 16509 (Amazon.com, Inc.) ...
show more
Triggered Cloudflare WAF (firewallCustom) from SE.
Action taken: BLOCK
ASN: 16509 (Amazon.com, Inc.)
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env.txt
Timestamp: 2026-07-16T05:29:11Z
Ray ID: a1be9b93feb5ed04
UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-16 03:31:37
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.168.196 (ec2-16-171-168-196.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 23:31:29.888785 2026] [security2:error] [pid 17194:tid 17194] [client 16.171.168.196:57800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "edfisherco.com"] [uri "/.git/config"] [unique_id "alhQkSv97oerUSBFkxRCpAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΈπͺ
nekopavel
2026-07-16 02:50:57
(13 hours ago)
16.171.168.196 - - [16/Jul/2026:04:50:55 +0200]"GET /.git/config HTTP/1.1" 404 704"-" futomomo.art " ...
show more
16.171.168.196 - - [16/Jul/2026:04:50:55 +0200]"GET /.git/config HTTP/1.1" 404 704"-" futomomo.art "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36""0.001" "0.001""Stockholm" "SE"
16.171.168.196 - - [16/Jul/2026:04:50:55 +0200]"GET /.env HTTP/1.1" 404 704"-" futomomo.art "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36""0.001" "0.000""Stockholm" "SE"
16.171.168.196 - - [16/Jul/2026:04:50:55 +0200]"GET /.env.local HTTP/1.1" 404 704"-" futomomo.art "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36""0.001" "0.001""Stockholm" "SE"
...
show less
Hacking
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-07-16 02:38:59
(13 hours ago)
Multiple WAF Violations
Web App Attack
π©π°
HostingGroup
2026-07-16 01:27:18
(14 hours ago)
Automated malicious activity (Honeypot Trap) detected and blocked at the CDN edge by NordicCDN Shiel ...
show more
Automated malicious activity (Honeypot Trap) detected and blocked at the CDN edge by NordicCDN Shield. Offenses: 23. First blocked: 2026-07-16.
show less
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 14:05:41
(1 day ago)
Blocked: Reason='Vulnerability probing β PHP scan detected (41/60 min)'; Requests=41
Port Scan
π©πͺ
grassau.com
2026-07-15 13:08:34
(1 day ago)
(mod_security) mod_security triggered on hostname [redacted] 16.171.168.196 (SE/Sweden/Stockholm Cou ...
show more
(mod_security) mod_security triggered on hostname [redacted] 16.171.168.196 (SE/Sweden/Stockholm County/Stockholm/ec2-16-171-168-196.eu-north-1.compute.amazonaws.com)
show less
SQL Injection
Anonymous
2026-07-14 22:57:03
(1 day ago)
Bot / scanning and/or hacking attempts: GET / HTTP/1.1, GET /qa/phpinfo.php HTTP/1.1, GET /phpinfo.p ...
show more
Bot / scanning and/or hacking attempts: GET / HTTP/1.1, GET /qa/phpinfo.php HTTP/1.1, GET /phpinfo.php.bak HTTP/1.1, GET /phpinfo.php.save HTTP/1.1, GET /www/phpinfo.php HTTP/1.1, GET /preview/phpinfo.php HTTP/1.1, GET /phpinfo.php~ HTTP/1.1, GET /jenkins/.env HTTP/1.1, GET /elasticsearch/.env HTTP/1.1
show less
Hacking
Web App Attack
Anonymous
2026-07-14 20:06:55
(1 day ago)
PSCSERV WPSCAN 16.171.168.196
Bad Web Bot
Web App Attack