๐ซ๐ท
mail.avx.gr
2026-07-17 13:21:20
(16 hours ago)
Plesk Fail2Ban jail: Plesk-Web-Exploits. Evidence: 104.196.208.217 - - [14/Jul/2026:23:43:42 +0300] ...
show more
Plesk Fail2Ban jail: Plesk-Web-Exploits. Evidence: 104.196.208.217 - - [14/Jul/2026:23:43:42 +0300] "GET /.git/config HTTP/1.1" 404 4788 "-" "-"
show less
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-15 22:01:56
(2 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-14.
show less
Web App Attack
SSH
Hacking
Anonymous
2026-07-15 16:31:52
(2 days ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
Anonymous
2026-07-15 07:25:00
(2 days ago)
GET /.git/config
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-14 22:00:47
(3 days ago)
Auto-ban: >3000 req/min op 2026-07-14
Web App Attack
SSH
Hacking
๐ง๐ช
cmbplf
2026-07-14 21:47:11
(3 days ago)
754 requests with url.path */.git/config
Brute-Force
Bad Web Bot
๐บ๐ธ
mnsf
2026-07-14 21:05:13
(3 days ago)
Abuse Detected (50)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 21:02:27
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 104.196.208.217 (217.208.196.104.bc.googleuserc ...
show more
(mod_security) mod_security (id:210492) triggered by 104.196.208.217 (217.208.196.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 17:02:21.638519 2026] [security2:error] [pid 23454:tid 23454] [client 104.196.208.217:56254] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zeta-me.com"] [uri "/.git/config"] [unique_id "alaj3b9iOZRI2rp-uCSR4AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 20:15:02
(3 days ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 20:11:52
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 104.196.208.217 (217.208.196.104.bc.googleuserc ...
show more
(mod_security) mod_security (id:210492) triggered by 104.196.208.217 (217.208.196.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 16:11:47.993149 2026] [security2:error] [pid 3237:tid 3237] [client 104.196.208.217:50336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zemincollection.chevronparkett.com"] [uri "/.git/config"] [unique_id "alaYA9D6JnkNUl3X-hGqMwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
pltcldvlpr
2026-07-14 20:01:43
(3 days ago)
CMS/framework probe: 104.196.208.217 - - [14/Jul/2026:22:01:43 +0200] "GET /.git/config HTTP/1.1" 44 ...
show more
CMS/framework probe: 104.196.208.217 - - [14/Jul/2026:22:01:43 +0200] "GET /.git/config HTTP/1.1" 444 0 "-" "-" asn=396982 org="Google LLC" country=US
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 19:56:18
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 104.196.208.217 (217.208.196.104.bc.googleuserc ...
show more
(mod_security) mod_security (id:210492) triggered by 104.196.208.217 (217.208.196.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:56:14.390494 2026] [security2:error] [pid 23209:tid 23209] [client 104.196.208.217:46938] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zeetec.nl"] [uri "/.git/config"] [unique_id "alaUXnWtN8O2oadd-7XvPAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 19:41:03
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 104.196.208.217 (217.208.196.104.bc.googleuserc ...
show more
(mod_security) mod_security (id:210492) triggered by 104.196.208.217 (217.208.196.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:40:55.405643 2026] [security2:error] [pid 32738:tid 32738] [client 104.196.208.217:36332] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zdx.jeranny.com"] [uri "/.git/config"] [unique_id "alaQx_IX9y8e_CBW5Mr2pAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 18:41:38
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 104.196.208.217 (217.208.196.104.bc.googleuserc ...
show more
(mod_security) mod_security (id:210492) triggered by 104.196.208.217 (217.208.196.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 14:41:31.801410 2026] [security2:error] [pid 1766:tid 1766] [client 104.196.208.217:34722] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yourmac.co.uk"] [uri "/.git/config"] [unique_id "alaC2yDbMyCp_y1iVhLXiQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-14 18:20:00
(3 days ago)
Try to access /.git/config
Web App Attack