๐บ๐ธ
TPI-Abuse
2026-07-16 06:39:32
(39 minutes ago)
(mod_security) mod_security (id:210492) triggered by 15.229.85.243 (ec2-15-229-85-243.sa-east-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 15.229.85.243 (ec2-15-229-85-243.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 02:39:28.237920 2026] [security2:error] [pid 19486:tid 19486] [client 15.229.85.243:42864] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "skyesongtollers.com"] [uri "/.git/config"] [unique_id "alh8oCTo_ywdtthtopCqXQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 02:43:18
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 15.229.85.243 (ec2-15-229-85-243.sa-east-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 15.229.85.243 (ec2-15-229-85-243.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 22:43:12.854912 2026] [security2:error] [pid 25775:tid 25775] [client 15.229.85.243:54124] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "skulldump.blockdredge.com"] [uri "/.git/config"] [unique_id "alhFQE1TxxXcdJ7ROlBo8gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 22:56:53
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 15.229.85.243 (ec2-15-229-85-243.sa-east-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 15.229.85.243 (ec2-15-229-85-243.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 18:56:48.033018 2026] [security2:error] [pid 11073:tid 11073] [client 15.229.85.243:54598] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thelostfruit.com"] [uri "/.git/config"] [unique_id "algQMAyYC6J4wORSVpUziwAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-15 22:00:39
(9 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-14.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
lavnet.net
2026-07-15 14:33:38
(16 hours ago)
[Wed Jul 15 14:33:37.917127 2026] [authz_core:error] [pid 2199334:tid 2199370] [client 15.229.85.243 ...
show more
[Wed Jul 15 14:33:37.917127 2026] [authz_core:error] [pid 2199334:tid 2199370] [client 15.229.85.243:55888] AH01630: client denied by server configuration: /var/www/thejunkymonkey.com/web/index.php
[Wed Jul 15 14:33:37.917636 2026] [authz_core:error] [pid 2199334:tid 2199370] [client 15.229.85.243:55888] AH01630: client denied by server configuration: /var/www/thejunkymonkey.com/web/index.php
[Wed Jul 15 14:33:38.056173 2026] [authz_core:error] [pid 2199334:tid 2199388] [client 15.229.85.243:55888] AH01630: client denied by server configuration: /var/www/thejunkymonkey.com/web/index.php
...
show less
Brute-Force
๐ณ๐ฑ
Mangelot Hosting
2026-07-15 14:28:26
(16 hours ago)
(modsecurity) srv104 ModSecurity 15.229.85.243 (BR/Brazil/ec2-15-229-85-243.sa-east-1.compute.amazon ...
show more
(modsecurity) srv104 ModSecurity 15.229.85.243 (BR/Brazil/ec2-15-229-85-243.sa-east-1.compute.amazonaws.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-15 10:10:43
(21 hours ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 15.229.85.243 (BR/Brazil/ec2-15-229 ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 15.229.85.243 (BR/Brazil/ec2-15-229-85-243.sa-east-1.compute.amazonaws.com): 1 in the last 3600 secs
show less
Web App Attack
๐ซ๐ท
dynamix
2026-07-15 05:01:50
(1 day ago)
Multiple WAF Violations
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-15 02:52:47
(1 day ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐ง๐ช
cmbplf
2026-07-15 00:39:17
(1 day ago)
4.585 requests with url.path *.env
756 requests with url.path *phpinfo.php
Brute-Force
Bad Web Bot
๐ฌ๐ง
consul.to
2026-07-15 00:32:52
(1 day ago)
Web attack/malicious scanning detected
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-14 23:06:30
(1 day ago)
Excessive 404/403 errors
Brute-Force
๐บ๐ธ
Matthew Ping
2026-07-14 21:45:02
(1 day ago)
ModSecurity rule 949110 triggered on wp3. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
Anonymous
2026-07-14 18:51:02
(1 day ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ฉ๐ช
big-cloud.nl
2026-07-14 13:48:00
(1 day ago)
Try to access /.git/config
Web App Attack