๐ณ๐ฑ
homeshowdomain.nl
2026-07-17 21:59:06
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-16.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 00:14:09
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 52.56.62.3 (ec2-52-56-62-3.eu-west-2.compute.am ...
show more
(mod_security) mod_security (id:210492) triggered by 52.56.62.3 (ec2-52-56-62-3.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:14:05.038168 2026] [security2:error] [pid 4513:tid 4513] [client 52.56.62.3:42474] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "613.ninja"] [uri "/.git/config"] [unique_id "allzzQviQIUnPFx0FoXSywAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-16 22:05:59
(2 days ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 18:28:17
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 52.56.62.3 (ec2-52-56-62-3.eu-west-2.compute.am ...
show more
(mod_security) mod_security (id:210492) triggered by 52.56.62.3 (ec2-52-56-62-3.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:28:12.416443 2026] [security2:error] [pid 17273:tid 17273] [client 52.56.62.3:57272] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brokenglasstelecom.com"] [uri "/.git/config"] [unique_id "alkivKNbCu44skXejU5lwQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
janbro
2026-07-16 17:56:24
(3 days ago)
Automated attempt to access sensitive configuration files.
Port Scan
Hacking
Web App Attack
๐ง๐ฌ
HighWay
2026-07-16 15:52:23
(3 days ago)
52.56.62.3 - - [16/Jul/2026:15:52:20 +0000] "GET /.git/config HTTP/1.1" 403 5581 "-" "Mozilla/5.0 (M ...
show more
52.56.62.3 - - [16/Jul/2026:15:52:20 +0000] "GET /.git/config HTTP/1.1" 403 5581 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
52.56.62.3 - - [16/Jul/2026:15:52:20 +0000] "GET /.env HTTP/1.1" 403 485 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
52.56.62.3 - - [16/Jul/2026:15:52:20 +0000] "GET /.env.local HTTP/1.1" 403 430 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Port Scan
Bad Web Bot
Web App Attack
๐บ๐ธ
n2nguyenn2nguyen
2026-07-16 14:43:27
(3 days ago)
Blocked by YFC Security on https://brixzly.com โ type: directory_scan_attempts
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 12:18:11
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 52.56.62.3 (ec2-52-56-62-3.eu-west-2.compute.am ...
show more
(mod_security) mod_security (id:210492) triggered by 52.56.62.3 (ec2-52-56-62-3.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 08:18:03.888162 2026] [security2:error] [pid 3920:tid 3929] [client 52.56.62.3:57110] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "briteh.com"] [uri "/.git/config"] [unique_id "aljL-4o2f6eh4Cye4RiPxAAAAEM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 10:00:26
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 52.56.62.3 (ec2-52-56-62-3.eu-west-2.compute.am ...
show more
(mod_security) mod_security (id:210492) triggered by 52.56.62.3 (ec2-52-56-62-3.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 06:00:19.811075 2026] [security2:error] [pid 17207:tid 17207] [client 52.56.62.3:54622] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brinkworthdungeon.brinkworthmodels.com"] [uri "/.git/config"] [unique_id "alirs4WMcwmvU9ECJN4CSgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Petros Stefanakis
2026-07-16 06:28:19
(3 days ago)
(mod_security) mod_security triggered on hostname [redacted] 52.56.62.3 (GB/United Kingdom/ec2-52-56 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 52.56.62.3 (GB/United Kingdom/ec2-52-56-62-3.eu-west-2.compute.amazonaws.com)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-16 02:54:40
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 52.56.62.3 (ec2-52-56-62-3.eu-west-2.compute.am ...
show more
(mod_security) mod_security (id:210492) triggered by 52.56.62.3 (ec2-52-56-62-3.eu-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 22:54:33.473689 2026] [security2:error] [pid 13271:tid 13271] [client 52.56.62.3:51512] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bright-enterprise.com"] [uri "/.git/config"] [unique_id "alhH6TKnny_ksnqSUsWfAQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 21:06:24
(3 days ago)
Blocked: Reason='Vulnerability probing โ PHP scan detected (41/60 min)'; Requests=41
Port Scan
Anonymous
2026-07-15 12:55:42
(4 days ago)
52.56.62.3 - - [15/Jul/2026:14:55:37 +0200] "GET /.git/config HTTP/1.1" 403 183 "-" "Mozilla/5.0 (Wi ...
show more
52.56.62.3 - - [15/Jul/2026:14:55:37 +0200] "GET /.git/config HTTP/1.1" 403 183 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
52.56.62.3 - - [15/Jul/2026:14:55:37 +0200] "GET /.env HTTP/1.1" 403 183 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
52.56.62.3 - - [15/Jul/2026:14:55:37 +0200] "GET /.env.local HTTP/1.1" 403 183 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
52.56.62.3 - - [15/Jul/2026:14:55:38 +0200] "GET /.env.production HTTP/1.1" 403 183 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
52.56.62.3 - - [15/Jul/2026:14:55:38 +0200] "GET /.env.staging HTTP/1.1" 403 183 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
52.56.62.3 -
...
show less
Bad Web Bot
Web App Attack