๐ณ๐ฑ
homeshowdomain.nl
2026-07-02 21:59:06
(1 week ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-01.
show less
Web App Attack
SSH
Hacking
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-01 18:08:02
(1 week ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02,wa02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-01 16:09:02
(1 week ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [mx03,wa01]
Bad Web Bot
Web App Attack
๐จ๐ฆ
dispensight
2026-07-01 14:25:42
(1 week ago)
SecureLeaf CTI: credential/secret path probe. 1 req against dispensight.com (e.g. /.git/config). Def ...
show more
SecureLeaf CTI: credential/secret path probe. 1 req against dispensight.com (e.g. /.git/config). Defensive report; verified infra.
show less
Hacking
Web App Attack
๐บ๐ธ
EvilTurkey
2026-07-01 12:08:52
(1 week ago)
Web app attack against financial institution website.
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-01 10:58:45
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 138.68.70.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 138.68.70.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 06:58:40.717925 2026] [security2:error] [pid 2974:tid 2974] [client 138.68.70.45:44798] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crystaljohns.com"] [uri "/.git/config"] [unique_id "akTy4IvArkHRedLviOqkYQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-07-01 10:31:19
(1 week ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-01 09:07:30
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 138.68.70.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 138.68.70.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 05:07:23.376001 2026] [security2:error] [pid 4083:tid 4083] [client 138.68.70.45:37930] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "joesteiner.com"] [uri "/.git/config"] [unique_id "akTYy0utUZyR2J8HjSytAQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
bescared
2026-07-01 08:59:24
(1 week ago)
F2B - Malicious activity detected. URL Probing. -8ff06ede-
Hacking
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-01 08:18:19
(1 week ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-196)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 07:51:53
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 138.68.70.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 138.68.70.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 03:51:45.935976 2026] [security2:error] [pid 11172:tid 11172] [client 138.68.70.45:37538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cbcfargo.com"] [uri "/.git/config"] [unique_id "akTHEdI3WkRRy1Oy6HcsaQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 06:01:06
(1 week ago)
Bot / scanning and/or hacking attempts: GET /.git/config HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 05:22:28
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 138.68.70.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 138.68.70.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 01:22:23.588332 2026] [security2:error] [pid 3407:tid 3407] [client 138.68.70.45:34080] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bethanneblue.net"] [uri "/.git/config"] [unique_id "akSkD-OUWCBCZNAld2UNsAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 04:55:02
(1 week ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 04:47:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 138.68.70.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 138.68.70.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 00:47:05.680963 2026] [security2:error] [pid 6960:tid 6960] [client 138.68.70.45:60078] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hotelkona.com"] [uri "/.git/config"] [unique_id "akSbydNiViuKgHoLG4mwXQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack