๐ฟ๐ฆ
conure
2026-07-16 12:14:31
(18 hours ago)
csagent: score 19.5: secrets grab x2, 404 noise floor x2; 2 domain(s) in 17s
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 03:55:30
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 23:55:24.651672 2026] [security2:error] [pid 12111:tid 12111] [client 146.70.193.17:46126] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dmasoftlab.com"] [uri "/.git/index"] [unique_id "alhWLNwVbdpu_g7f0P5ozQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 03:35:40
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 23:35:36.513115 2026] [security2:error] [pid 29068:tid 29085] [client 146.70.193.17:51714] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "disability-blog.com"] [uri "/.git/index"] [unique_id "alhRiArzPGz-gkGvJQCZggAAAU8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-16 03:32:52
(1 day ago)
441 requests with url.path *.git/*
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-16 03:17:02
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 23:16:56.301348 2026] [security2:error] [pid 29818:tid 29818] [client 146.70.193.17:53448] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "digifonics.com"] [uri "/.git/index"] [unique_id "alhNKAbWiBmDDSNensjj7AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 03:04:59
(1 day ago)
[da.kdns.gr] httpd-config-scan: sites=www.diadromi.com; logs=/var/log/httpd/domains/diadromi.com.log ...
show more
[da.kdns.gr] httpd-config-scan: sites=www.diadromi.com; logs=/var/log/httpd/domains/diadromi.com.log; samples=/.git/index | /.git/index/
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 02:54:37
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 22:54:32.235185 2026] [security2:error] [pid 13386:tid 13448] [client 146.70.193.17:39160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deyyoungart.com"] [uri "/.git/index"] [unique_id "alhH6OKwVXg0fP1HBPmn7AAAAEo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 02:29:03
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 22:28:58.858657 2026] [security2:error] [pid 3328:tid 3328] [client 146.70.193.17:38394] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "depcare.com"] [uri "/.git/index"] [unique_id "alhB6nDZd2HzKHnO61wliQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-16 02:21:20
(1 day ago)
Try to access /.git/index
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 01:53:30
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 21:53:24.064126 2026] [security2:error] [pid 2389:tid 2389] [client 146.70.193.17:45406] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ctrussell.us"] [uri "/.git/index"] [unique_id "alg5lL9bIyXSrrQr_L10DwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ut-addicted.com
2026-07-16 01:42:57
(1 day ago)
\[Thu Jul 16 03:42:56.310219 2026\] \[:error\] \[pid 2934:tid 139785727313664\] \[client 146.70.193. ...
show more
\[Thu Jul 16 03:42:56.310219 2026\] \[:error\] \[pid 2934:tid 139785727313664\] \[client 146.70.193.17:60150\] \[client 146.70.193.17\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "crx.it"\] \[uri "/.git/index"\] \[unique_id "alg3IA6TPjr@zQPs7R1sAgAAANE"\]
show less
Brute-Force
Web App Attack
๐ฌ๐ง
Oakley
2026-07-16 01:38:53
(1 day ago)
(confirmed_bot_sig) Confirmed bot
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 01:35:19
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 146.70.193.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 21:35:12.260422 2026] [security2:error] [pid 4880:tid 4880] [client 146.70.193.17:49144] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crochetdoilies.com"] [uri "/.git/index"] [unique_id "alg1UAev-_ZvK8FY6PuXcwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-16 00:48:57
(1 day ago)
cloudlinux2 fail2ban: 2026-07-16 02:43:56,598 fail2ban.filter [1812]: INFO [plesk-wordpre ...
show more
cloudlinux2 fail2ban: 2026-07-16 02:43:56,598 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 216.73.163.97 - 2026-07-16 02:43:56cloudlinux2 fail2ban: 2026-07-16 02:44:29,598 fail2ban.filter [1812]: INFO [plesk-modsecurity] Found 146.70.193.17 - 2026-07-16 02:44:29cloudlinux2 fail2ban: 2026-07-16 02:44:44,036 fail2ban.filter [1812]: INFO [plesk-modsecurity] Found 101.26.28.148 - 2026-07-16 02:44:43cloudlinux2 fail2ban: 2026-07-16 02:44:54,111 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 45.131.194.1 - 2026-07-16 02:44:53cloudlinux2 fail2ban: 2026-07-16 02:44:57,687 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 98.159.37.71 - 2026-07-16 02:44:57cloudlinux2 fail2ban: 2026-07-16 02:44:53,570 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 45.131.194.22 - 2026-07-16 02:44:52cloudlinux2 fail2ban: 2026-07-16 02:45:01,922 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 98.159.37.71 - 2026-07-16 02:45:01cloudlin
show less
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-16 00:42:53
(1 day ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.git/index
Web App Attack