๐บ๐ธ
TPI-Abuse
2026-07-16 19:06:16
(42 minutes ago)
(mod_security) mod_security (id:210492) triggered by 63.177.66.196 (ec2-63-177-66-196.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 63.177.66.196 (ec2-63-177-66-196.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:06:08.436000 2026] [security2:error] [pid 12065:tid 12137] [client 63.177.66.196:55144] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.theextraordinaryoffice.com"] [uri "/.git/config"] [unique_id "alkroCUn5VAzE7TNJqTmVQAAAYg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Blexyel
2026-07-16 18:14:25
(1 hour ago)
63.177.66.196 - - [16/Jul/2026:20:14:25 +0200] "GET /.git/config HTTP/1.1" 404 120 "-" "Mozilla/5.0 ...
show more
63.177.66.196 - - [16/Jul/2026:20:14:25 +0200] "GET /.git/config HTTP/1.1" 404 120 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:05:40
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 63.177.66.196 (ec2-63-177-66-196.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 63.177.66.196 (ec2-63-177-66-196.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:05:36.307956 2026] [security2:error] [pid 19916:tid 19916] [client 63.177.66.196:44544] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.thebestac.com"] [uri "/.git/config"] [unique_id "alkdcLj6e1Z6GwriHbkjOwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
securejdprop
2026-07-16 13:53:30
(5 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/vpatch-CVE-2025-55182.
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 09:44:16
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 63.177.66.196 (ec2-63-177-66-196.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 63.177.66.196 (ec2-63-177-66-196.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 05:44:08.272846 2026] [security2:error] [pid 8546:tid 8546] [client 63.177.66.196:51886] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.sympalais.com"] [uri "/.git/config"] [unique_id "alin6NUoeCjnqn4rMZFpNAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 06:49:52
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 63.177.66.196 (ec2-63-177-66-196.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 63.177.66.196 (ec2-63-177-66-196.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 02:49:46.602423 2026] [security2:error] [pid 21910:tid 21910] [client 63.177.66.196:59924] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.sunsettrailsardmore.com"] [uri "/.git/config"] [unique_id "alh_CvICO1XfHGWagAXW_wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 05:12:05
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 63.177.66.196 (ec2-63-177-66-196.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 63.177.66.196 (ec2-63-177-66-196.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 01:12:01.943459 2026] [security2:error] [pid 22265:tid 22265] [client 63.177.66.196:32816] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.styxtake2.com"] [uri "/.git/config"] [unique_id "alhoIVsQex0bc8mhsOTOFgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
sthoyer.de
2026-07-16 01:12:12
(18 hours ago)
63.177.66.196 - - [16/Jul/2026:03:12:10 +0200] "GET /.git/config HTTP/1.1" 302 495 "-" "Mozilla/5.0 ...
show more
63.177.66.196 - - [16/Jul/2026:03:12:10 +0200] "GET /.git/config HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
63.177.66.196 - - [16/Jul/2026:03:12:11 +0200] "GET /.env HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
63.177.66.196 - - [16/Jul/2026:03:12:11 +0200] "GET /.env.local HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Web App Attack
Anonymous
2026-07-15 14:07:09
(1 day ago)
Blocked: Reason='Vulnerability probing โ PHP scan detected (41/60 min)'; Requests=41
Port Scan