๐บ๐ธ
TPI-Abuse
2026-07-16 07:05:41
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 54.249.203.24 (ec2-54-249-203-24.ap-northeast-1 ...
show more
(mod_security) mod_security (id:210492) triggered by 54.249.203.24 (ec2-54-249-203-24.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 03:05:35.447971 2026] [security2:error] [pid 29739:tid 29739] [client 54.249.203.24:45784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scoutmountaindistrict.org"] [uri "/.git/config"] [unique_id "aliCv8nPB7U13dk4zQPrMwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 06:27:02
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 54.249.203.24 (ec2-54-249-203-24.ap-northeast-1 ...
show more
(mod_security) mod_security (id:210492) triggered by 54.249.203.24 (ec2-54-249-203-24.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 02:26:57.126691 2026] [security2:error] [pid 29166:tid 29166] [client 54.249.203.24:48878] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scottwithers.net"] [uri "/.git/config"] [unique_id "alh5sSX1rXYTHJjeT3M08AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 04:35:58
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 54.249.203.24 (ec2-54-249-203-24.ap-northeast-1 ...
show more
(mod_security) mod_security (id:210492) triggered by 54.249.203.24 (ec2-54-249-203-24.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 00:35:53.383970 2026] [security2:error] [pid 6160:tid 6160] [client 54.249.203.24:34254] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scott.bccworldmedia.com"] [uri "/.git/config"] [unique_id "alhfqZBbGroEWo5EC9MCSwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 02:50:34
(2 days ago)
Trying to access config files
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 01:05:50
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 54.249.203.24 (ec2-54-249-203-24.ap-northeast-1 ...
show more
(mod_security) mod_security (id:210492) triggered by 54.249.203.24 (ec2-54-249-203-24.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 21:05:43.304186 2026] [security2:error] [pid 24280:tid 24280] [client 54.249.203.24:40672] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scomparsa-disappearance.tandm.us"] [uri "/.git/config"] [unique_id "alguZ4LDsWptifyQQBhnrgAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-15 22:01:00
(2 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-14.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-15 15:11:12
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 54.249.203.24 (ec2-54-249-203-24.ap-northeast-1 ...
show more
(mod_security) mod_security (id:210492) triggered by 54.249.203.24 (ec2-54-249-203-24.ap-northeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 11:11:08.214880 2026] [security2:error] [pid 5490:tid 5582] [client 54.249.203.24:46984] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rammep.digital4z.com"] [uri "/.git/config"] [unique_id "alejDN0ljk8dRBfwi2hSyAAAAco"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Lee Daniel
2026-07-15 13:05:08
(2 days ago)
54.249.203.24 - - [15/Jul/2026:09:05:08 -0400] "GET /.env HTTP/1.1" 403 6323 "-" "Mozilla/5.0 (Macin ...
show more
54.249.203.24 - - [15/Jul/2026:09:05:08 -0400] "GET /.env HTTP/1.1" 403 6323 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-15 04:48:10
(3 days ago)
Web attack/malicious scanning detected
Web App Attack
Anonymous
2026-07-14 22:36:13
(3 days ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-14 22:00:38
(3 days ago)
Auto-ban: >3000 req/min op 2026-07-14
Web App Attack
SSH
Hacking
๐ฎ๐น
VHosting
2026-07-14 19:25:03
(3 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-14 17:34:26
(3 days ago)
3.483 requests with url.path *.env
Brute-Force
Bad Web Bot