๐ฉ๐ช
CELOS-SOC
2026-07-11 16:31:09
(1 day ago)
Multiple Unauthorized SSLVPN Login Attempts
Hacking
Brute-Force
๐ช๐ธ
librebit
2026-07-11 14:58:55
(1 day ago)
Brute force
Brute-Force
๐ฎ๐ช
tarlabs
2026-06-27 17:11:09
(2 weeks ago)
IP banned by Fail2Ban (TLS jail)
Hacking
Anonymous
2026-06-15 20:05:02
(3 weeks ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 18:49:15
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:49:12.426620 2026] [security2:error] [pid 5896:tid 5896] [client 185.65.135.176:46944] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ankitoner.com"] [uri "/.git/index"] [unique_id "ajBJKHe3kxr7k1VoGKZY-QAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 18:33:20
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:33:17.021596 2026] [security2:error] [pid 15368:tid 15368] [client 185.65.135.176:58106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "andrejblatnik.com"] [uri "/.git/index"] [unique_id "ajBFbaDRF_rABuB6meUM1AAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 18:08:16
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:08:12.873902 2026] [security2:error] [pid 27521:tid 27536] [client 185.65.135.176:48212] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "americanacademyofprojectmanagement.com"] [uri "/.git/index"] [unique_id "ajA_jN8_06IHrfLJrzQYzwAAAM0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-15 17:54:31
(3 weeks ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 17:19:06
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:18:59.574101 2026] [security2:error] [pid 18289:tid 18289] [client 185.65.135.176:42354] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alexgitlin.com"] [uri "/.git/index"] [unique_id "ajA0A_NDzoCjYf_IvsKgbwAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 17:03:17
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 13:03:10.887362 2026] [security2:error] [pid 25157:tid 25157] [client 185.65.135.176:38064] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "al-ketab.net"] [uri "/.git/index"] [unique_id "ajAwTuUi0T1ogM1FRO-eGAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-15 17:00:00
(3 weeks ago)
Try to access /.git/index
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 16:05:28
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.65.135.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:05:21.999537 2026] [security2:error] [pid 25254:tid 25254] [client 185.65.135.176:58176] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adrienberthaud.com"] [uri "/.git/index"] [unique_id "ajAiwdl6RzFv7vxsirm9NQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
NetGuard
2026-06-14 12:17:11
(4 weeks ago)
#honeypot #netguard247 #ciscoasa
Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com).
Timest ...
show more
#honeypot #netguard247 #ciscoasa
Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com).
Timestamp: 2026-06-14T12:17:11.941+00:00
Attacker IP: 185.65.135.176 | Port: N/A | Country: Sweden
Honeypot: ciscoasa | Attack: unknown
Source: NetGuard 24/7 (netguard24-7.com) | PhantomGrid Defense
show less
Web App Attack
๐บ๐ธ
NetGuard
2026-06-12 10:28:33
(1 month ago)
#honeypot #netguard247 #ciscoasa
Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com).
Timest ...
show more
#honeypot #netguard247 #ciscoasa
Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com).
Timestamp: 2026-06-12T10:28:33.675+00:00
Attacker IP: 185.65.135.176 | Port: N/A | Country: Sweden
Honeypot: ciscoasa | Attack: unknown
Source: NetGuard 24/7 (netguard24-7.com) | PhantomGrid Defense
show less
Web App Attack
๐บ๐ธ
NetGuard
2026-06-09 08:18:42
(1 month ago)
#honeypot #netguard247 #ciscoasa
Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com).
Timest ...
show more
#honeypot #netguard247 #ciscoasa
Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com).
Timestamp: 2026-06-09T08:18:42.143+00:00
Attacker IP: 185.65.135.176 | Port: N/A | Country: Sweden
Honeypot: ciscoasa | Attack: unknown
Source: NetGuard 24/7 (netguard24-7.com) | PhantomGrid Defense
show less
Web App Attack