Anonymous
2026-07-06 16:33:48
(6 days ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ณ๐ฑ
homeshowdomain.nl
2026-07-02 21:59:52
(1 week ago)
Auto-ban: >3000 req/min op 2026-07-02
Web App Attack
SSH
Hacking
๐ซ๐ท
ecode hosting
2026-07-02 21:02:05
(1 week ago)
Domain : gnsskirala.com
Rule : config
2026-07-02 21:00:47 10.100.1.20 GET /.git/config - 80 - 209.38 ...
show more
Domain : gnsskirala.com
Rule : config
2026-07-02 21:00:47 10.100.1.20 GET /.git/config - 80 - 209.38.29.156 HTTP/1.1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 - gnsskirala.com 404 8 0 1374 239 1959 - -
show less
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-02 19:09:53
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 209.38.29.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.38.29.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 15:09:47.696314 2026] [security2:error] [pid 19773:tid 19773] [client 209.38.29.156:37978] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fccemetery.org"] [uri "/.git/config"] [unique_id "aka3e31Bpee4dPiuIp--HAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-02 18:53:43
(1 week ago)
[Fri Jul 03 04:53:42.097281 2026] [security2:error] [pid 543760] [client 209.38.29.156:60362] [clien ...
show more
[Fri Jul 03 04:53:42.097281 2026] [security2:error] [pid 543760] [client 209.38.29.156:60362] [client 209.38.29.156] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ccideas.com.au"] [uri "/.git/config"] [unique_id "akaztica622-8SZPHOJ3BwAAAAg"]
...
show less
Web App Attack
๐ง๐ท
dominioz
2026-07-02 18:04:04
(1 week ago)
2026-07-02 13:42:31 GET /.git/config - - 209.38.29.156 HTTP/1.1 Mozilla/5.0+(X11;+Linux+x86_64)+Appl ...
show more
2026-07-02 13:42:31 GET /.git/config - - 209.38.29.156 HTTP/1.1 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/81.0.4044.129+Safari/537.36 - 301 463
2026-07-02 13:42:34 GET /.git/config - - 209.38.29.156 HTTP/1.1 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/81.0.4044.129+Safari/537.36 - 301 487
2026-07-02 18:03:19 GET /.git/config - - 209.38.29.156 HTTP/1.1 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/81.0.4044.129+Safari/537.36 - 301 463
2026-07-02 18:03:23 GET /.git/config - - 209.38.29.156 HTTP/1.1 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/81.0.4044.129+Safari/537.36 - 301 487
...
show less
Web App Attack
๐จ๐ฆ
dispensight
2026-07-02 16:51:07
(1 week ago)
SecureLeaf CTI: credential/secret path probe. 1 req against dispensight.com (e.g. /.git/config). Def ...
show more
SecureLeaf CTI: credential/secret path probe. 1 req against dispensight.com (e.g. /.git/config). Defensive report; verified infra.
show less
Hacking
Web App Attack
๐ฎ๐น
Inartis
2026-07-02 13:39:04
(1 week ago)
209.38.29.156 - - [02/Jul/2026:15:06:21 +0200] "GET /.git/config HTTP/1.1" 302 513 "-" "Mozilla/5.0 ...
show more
209.38.29.156 - - [02/Jul/2026:15:06:21 +0200] "GET /.git/config HTTP/1.1" 302 513 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
209.38.29.156 - - [02/Jul/2026:15:06:22 +0200] "GET /.git/config HTTP/1.1" 404 45457 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
209.38.29.156 - - [02/Jul/2026:15:39:03 +0200] "GET /.git/config HTTP/1.1" 302 513 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Jimbo67
2026-07-02 13:26:48
(1 week ago)
Cloudflare WAF: 1 hits in 30s | action=block | abuse=suspicious_probe | categories=19 | rule_id=0189 ...
show more
Cloudflare WAF: 1 hits in 30s | action=block | abuse=suspicious_probe | categories=19 | rule_id=0189a8c2c2ab4a60bc709bad14577d18 | URIs=/.git/config | confidence=0.82
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-02 12:26:04
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 209.38.29.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.38.29.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 08:25:55.963332 2026] [security2:error] [pid 5523:tid 5523] [client 209.38.29.156:44766] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greensealusa.com"] [uri "/.git/config"] [unique_id "akZY0-L0_kY3cODJCj9PvAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Major Hostility
2026-07-02 11:27:53
(1 week ago)
"GET /.git/config HTTP/1.1" 404
"GET /.git/config HTTP/1.1" 404
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 11:02:13
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 209.38.29.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.38.29.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 07:02:05.774437 2026] [security2:error] [pid 26886:tid 26886] [client 209.38.29.156:53168] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kooroshvaziri.com"] [uri "/.git/config"] [unique_id "akZFLW0ekLg-xKOTtG2NYAAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐ด
INTEQ
2026-07-02 09:21:36
(1 week ago)
Web attack from 209.38.29.156
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 08:55:01
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 209.38.29.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 209.38.29.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 04:54:56.308899 2026] [security2:error] [pid 5680:tid 5680] [client 209.38.29.156:35718] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jazzycatty.com"] [uri "/.git/config"] [unique_id "akYnYBqOaKDdYrkaI8DaEQAAADs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-02 08:34:08
(1 week ago)
[Thu Jul 02 18:34:07.601038 2026] [security2:error] [pid 491336] [client 209.38.29.156:55338] [clien ...
show more
[Thu Jul 02 18:34:07.601038 2026] [security2:error] [pid 491336] [client 209.38.29.156:55338] [client 209.38.29.156] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ccideas.com.au"] [uri "/.git/config"] [unique_id "akYif01ZqlVkkw1iFizP9AAAAAA"]
...
show less
Web App Attack