๐บ๐ธ
TPI-Abuse
2026-07-17 03:48:42
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.co ...
show more
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:48:39.537689 2026] [security2:error] [pid 1258:tid 1258] [client 54.170.236.120:44550] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "armadillosigns.com"] [uri "/.git/config"] [unique_id "almmFwxXy3drlmiI0UFVOQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
pscriptos
2026-07-16 20:57:20
(23 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch
Web App Attack
๐ต๐ฑ
sefinek.net
2026-07-16 13:26:08
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from IE.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoi ...
show more
Triggered Cloudflare WAF (firewallCustom) from IE.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoint: /cpanel/phpinfo.php | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-16 12:23:17
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.co ...
show more
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 08:23:14.060169 2026] [security2:error] [pid 7039:tid 7039] [client 54.170.236.120:48820] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "neilvboyer.com"] [uri "/.git/config"] [unique_id "aljNMpo7lR4pAsUiH8FdCQAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 09:47:10
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.co ...
show more
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 05:47:07.035916 2026] [security2:error] [pid 15542:tid 15542] [client 54.170.236.120:32780] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "neff.family.name"] [uri "/.git/config"] [unique_id "aliom5-t6HLi0SetLIyZvwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 08:49:43
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.co ...
show more
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 04:49:38.665750 2026] [security2:error] [pid 2559422:tid 2559422] [client 54.170.236.120:35684] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "needtoorderprinting.com"] [uri "/.git/config"] [unique_id "alibInl5ybN-x8eBXqufZAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-16 08:45:54
(1 day ago)
4.348 requests with url.path *.env
700 requests with url.path *phpinfo.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-16 03:50:35
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.co ...
show more
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 23:50:27.969235 2026] [security2:error] [pid 3604:tid 3604] [client 54.170.236.120:59372] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nealandmichaeledesign.com"] [uri "/.git/config"] [unique_id "alhVAyTZyIhkZek_yallVwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 01:21:26
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.co ...
show more
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 21:21:21.724465 2026] [security2:error] [pid 21804:tid 21804] [client 54.170.236.120:44240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ndakno.com"] [uri "/.git/config"] [unique_id "algyER_8M2tykGyIH8B3qgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 17:59:01
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.co ...
show more
(mod_security) mod_security (id:210492) triggered by 54.170.236.120 (ec2-54-170-236-120.eu-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 13:58:56.322592 2026] [security2:error] [pid 10508:tid 10508] [client 54.170.236.120:49656] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "portraitsinblues.com"] [uri "/.git/config"] [unique_id "alfKYCNa8yOukgOuZyo8ogAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 16:07:02
(2 days ago)
Automated web scanner. Requested suspicious paths: /.git/config | /.env | /.env.production | /.env.l ...
show more
Automated web scanner. Requested suspicious paths: /.git/config | /.env | /.env.production | /.env.local | /.env.remote | /.env.test | /.env.staging | /.env.bak | /.env.backup | /.env.development | /.env.old | /.env.save | /.env.dev | /.env.sample | /.env.stage | /.env.prod | /.env.example | /.env.ci | /.env.docker | /.env.live | /.env.preprod | /.env.dist | /.env.uat | /.env.swp | /.env~. UTC: 2026-07-15 15:48:20.
show less
Web App Attack
๐ซ๐ท
Octopuce
2026-07-15 14:12:49
(2 days ago)
Aggressive web search of vulnerable pages: / /.env /.env.local /app/.env /apps/.env ...
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-07-15 02:24:58
(2 days ago)
(php_susp_dir) srv104 PHP in suspicious dir 54.170.236.120 (IE/Ireland/ec2-54-170-236-120.eu-west-1. ...
show more
(php_susp_dir) srv104 PHP in suspicious dir 54.170.236.120 (IE/Ireland/ec2-54-170-236-120.eu-west-1.compute.amazonaws.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-14 22:00:27
(2 days ago)
Auto-ban: >3000 req/min op 2026-07-14
Web App Attack
SSH
Hacking