๐ณ๐ฑ
homeshowdomain.nl
2026-07-16 22:02:52
(2 days ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 05:58:48
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.com ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 01:58:41.304118 2026] [security2:error] [pid 24770:tid 24770] [client 16.171.21.111:52832] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "krugmans.net"] [uri "/.git/config"] [unique_id "alhzEbElKJwyi2uf9ltx8gAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 04:05:14
(3 days ago)
Blocked: Reason='Vulnerability probing โ PHP scan detected (41/60 min)'; Requests=41
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-16 03:59:47
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.com ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 23:59:39.335081 2026] [security2:error] [pid 7334:tid 7334] [client 16.171.21.111:43526] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kronrod.com"] [uri "/.git/config"] [unique_id "alhXKy_fve6kz4KTm4jbbwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 02:10:22
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.com ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 22:10:18.290280 2026] [security2:error] [pid 17345:tid 17345] [client 16.171.21.111:60282] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "krmartindale.com"] [uri "/.git/config"] [unique_id "alg9ikdZSCBq3sYBepbXvQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 01:19:08
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.com ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 21:19:00.699494 2026] [security2:error] [pid 5146:tid 5146] [client 16.171.21.111:49938] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kristywernerauthor.com"] [uri "/.git/config"] [unique_id "algxhN_jxr1hKISZI8IHBgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 16:39:06
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.com ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 12:39:00.450781 2026] [security2:error] [pid 1435222:tid 1435222] [client 16.171.21.111:48472] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "localonlinevisibility.com.needtoorder.us"] [uri "/.git/config"] [unique_id "ale3pNT1zKjbLdnYLQcYWQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-15 16:23:21
(3 days ago)
Excessive 404/403 errors
Brute-Force
๐ฏ๐ต
beon
2026-07-15 15:32:55
(3 days ago)
[DateTime=>2026-07-15T15:32:55Z to 2026-07-15T15:34:19Z (UTC)] , [HoneyPot_Hits=>257 times] , [Honey ...
show more
[DateTime=>2026-07-15T15:32:55Z to 2026-07-15T15:34:19Z (UTC)] , [HoneyPot_Hits=>257 times] , [HoneyPots=>/.git/config, /.env, /.env.local, /.env.production, /.env.staging, /.env.development and others] , [404targets=>/_environment, /phpinfo.php.bak, /phpinfo.php.old, /phpinfo.php~, /info.php.bak, /phpinfo.php.save] , [total_Hits=>268 times] , [hit_per_second=>3.19] , [Keyword=>WordPress, PHP web shells]
show less
Bad Web Bot
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-19 02:21:28
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.com ...
show more
(mod_security) mod_security (id:210492) triggered by 16.171.21.111 (ec2-16-171-21-111.eu-north-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 22:21:25.815961 2026] [security2:error] [pid 13861:tid 13861] [client 16.171.21.111:46420] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.globalpackets.net"] [uri "/.git/config"] [unique_id "agvJJWu8hF5XvdTOMgn-hAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-05-19 01:10:04
(2 months ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-05-19 00:43:42
(2 months ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
Anonymous
2026-05-19 00:38:56
(2 months ago)
Multiple web server 400 error codes from same source ip
Web App Attack