๐บ๐ธ
TPI-Abuse
2026-07-02 09:16:41
(7 minutes ago)
(mod_security) mod_security (id:210492) triggered by 16.79.112.1 (ec2-16-79-112-1.ap-southeast-3.com ...
show more
(mod_security) mod_security (id:210492) triggered by 16.79.112.1 (ec2-16-79-112-1.ap-southeast-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:16:33.945355 2026] [security2:error] [pid 1899:tid 1899] [client 16.79.112.1:54787] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.accu-tuner.com"] [uri "/wp-config.php"] [unique_id "akYscfDPomWUWVJIpEvSEQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-07-02 08:39:05
(45 minutes ago)
Web vulnerability probing: /.well-known/content.php
Web App Attack
๐จ๐ฆ
Mediashaker
2026-07-02 08:29:15
(55 minutes ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 16.79.112.1 (ID/Indonesi ...
show more
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 16.79.112.1 (ID/Indonesia/ec2-16-79-112-1.ap-southeast-3.compute.amazonaws.com)
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-02 07:57:52
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 16.79.112.1 (ec2-16-79-112-1.ap-southeast-3.com ...
show more
(mod_security) mod_security (id:210492) triggered by 16.79.112.1 (ec2-16-79-112-1.ap-southeast-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:57:47.818477 2026] [security2:error] [pid 3079:tid 3079] [client 16.79.112.1:57070] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.johnheinrich.com"] [uri "/wp-config.php"] [unique_id "akYZ-8cMev-ILMY6C0_ENAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mw
2026-07-02 00:01:34
(9 hours ago)
GET /wp-admin/user/about.php HTTP/1.1
Web App Attack
๐ซ๐ฎ
YF
2026-07-02 00:00:41
(9 hours ago)
WordPress content enumeration
Web App Attack
Anonymous
2026-07-01 23:05:25
(10 hours ago)
Blocked: Reason='Vulnerability probing โ PHP scan detected (364/60 min)'; Requests=364
Port Scan
๐ฆ๐บ
screwlooseit.com.au
2026-07-01 22:55:23
(10 hours ago)
Blocked by CSF 13 firewall - Rule: US/United States/ec2-16-79-112-1.ap-southeast-3.compute.amazonaws ...
show more
Blocked by CSF 13 firewall - Rule: US/United States/ec2-16-79-112-1.ap-southeast-3.compute.amazonaws.com
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 22:28:49
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 16.79.112.1 (ec2-16-79-112-1.ap-southeast-3.com ...
show more
(mod_security) mod_security (id:210492) triggered by 16.79.112.1 (ec2-16-79-112-1.ap-southeast-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 18:28:41.967627 2026] [security2:error] [pid 23940:tid 23955] [client 16.79.112.1:60638] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gotogps.com"] [uri "/wp-config.php"] [unique_id "akWUmcdcSnS1pyJXxICPTwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-01 22:06:00
(11 hours ago)
Scraping with a high error ratio and request rate
Bad Web Bot
Anonymous
2026-07-01 22:03:44
(11 hours ago)
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: ID, Attack patterns: Word ...
show more
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: ID, Attack patterns: WordPress scanning, Webshell probing, Cloud secrets probing
show less
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-07-01 21:48:00
(11 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
Lee Daniel
2026-07-01 21:44:34
(11 hours ago)
16.79.112.1 - - [01/Jul/2026:17:44:33 -0400] "GET /.well-known/acme-challenge/xmrlpc.php?p= HTTP/1.1 ...
show more
16.79.112.1 - - [01/Jul/2026:17:44:33 -0400] "GET /.well-known/acme-challenge/xmrlpc.php?p= HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36"
16.79.112.1 - - [01/Jul/2026:17:44:33 -0400] "GET /.well-known/pki-validation/index.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36"
16.79.112.1 - - [01/Jul/2026:17:44:33 -0400] "GET /.well-known/content.php HTTP/1.1" 404 38702 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36"
16.79.112.1 - - [01/Jul/2026:17:44:33 -0400] "GET /.well-known/gelay.php HTTP/1.1" 404 38693 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36"
16.79.112.1 - - [01/Jul/2026:17:44:33 -0400] "GET /.well-known/index.php HTTP/1.1" 404 38693 "-" "Mozilla/5.0 (Linux; Androi
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 21:23:41
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 16.79.112.1 (ec2-16-79-112-1.ap-southeast-3.com ...
show more
(mod_security) mod_security (id:210492) triggered by 16.79.112.1 (ec2-16-79-112-1.ap-southeast-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:23:34.564413 2026] [security2:error] [pid 16822:tid 16822] [client 16.79.112.1:52870] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.instituteofscience.com"] [uri "/wp-config.php"] [unique_id "akWFVg7cO06da6G1eC0uZQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-01 20:57:13
(12 hours ago)
Web attack/malicious scanning detected
Web App Attack