πΊπΈ
TPI-Abuse
2026-07-16 18:39:28
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:39:24.439748 2026] [security2:error] [pid 14508:tid 14508] [client 18.231.50.130:43086] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewhitedfamily.com"] [uri "/.git/config"] [unique_id "alklXIhfDYePLcjkCqon9wAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 16:21:00
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:20:54.372262 2026] [security2:error] [pid 11941:tid 11941] [client 18.231.50.130:37238] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewanderingwoods.quest"] [uri "/.git/config"] [unique_id "alkE5uchLuPFXSInUld9bQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 14:48:10
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 10:48:06.722859 2026] [security2:error] [pid 4378:tid 4378] [client 18.231.50.130:52852] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thevillageartcenter.com"] [uri "/.git/config"] [unique_id "aljvJtG2zo5qqc-z2d6gYwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 13:05:42
(6 hours ago)
Blocked: Reason='Vulnerability probing β PHP scan detected (41/60 min)'; Requests=41
Port Scan
πͺπΈ
pipeline.es
2026-07-16 12:23:55
(7 hours ago)
Web scanning / probing for vulnerable paths | URL: /jenkins/.env | Evidence: bluetreasure.pt 18.231. ...
show more
Web scanning / probing for vulnerable paths | URL: /jenkins/.env | Evidence: bluetreasure.pt 18.231.50.130 - - [16/Jul/2026:14:21:35 +0200] \"GET /jenkins/.env HTTP/1.1\" 404 20509 \"-\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36\" GEOIP_COUNTRY_CODE=BR | ASN: AMAZON-02 | Country: BR
show less
Port Scan
Web App Attack
πΊπΈ
WizardsToolkit
2026-07-16 06:38:12
(13 hours ago)
attempted to access /app/.env
Web App Attack
π«π·
dynamix
2026-07-16 06:03:57
(13 hours ago)
Multiple WAF Violations
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 05:39:16
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 01:39:12.178172 2026] [security2:error] [pid 3693:tid 3693] [client 18.231.50.130:40578] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thesweeneys.ws"] [uri "/.git/config"] [unique_id "alhugGBc3i1_fhOgdw34aAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 03:23:50
(16 hours ago)
(mod_security) mod_security triggered on hostname [redacted] 18.231.50.130 (BR/Brazil/ec2-18-231-50- ...
show more
(mod_security) mod_security triggered on hostname [redacted] 18.231.50.130 (BR/Brazil/ec2-18-231-50-130.sa-east-1.compute.amazonaws.com)
show less
SQL Injection
πΊπΈ
TPI-Abuse
2026-07-16 03:22:54
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 23:22:49.615550 2026] [security2:error] [pid 14624:tid 14624] [client 18.231.50.130:52988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thesteeldrumman.com"] [uri "/.git/config"] [unique_id "alhOiXjdjEqG9bJ7humSYgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 03:02:33
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 18.231.50.130 (ec2-18-231-50-130.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 23:02:26.817660 2026] [security2:error] [pid 23490:tid 23490] [client 18.231.50.130:45600] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thestardance.com"] [uri "/.git/config"] [unique_id "alhJwpkMZQlCkeEukGO_0gAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 00:03:34
(19 hours ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection