π΅π±
skoczo
2026-07-06 21:54:31
(3 hours ago)
Honeytoken tripped (detected by https://github.com/skoczo/repgate): /.git/HEAD
Web App Attack
Anonymous
2026-07-06 21:27:52
(4 hours ago)
2a04:4e40:e000:0:4a3:ecb:95ab:b57d - - [06/Jul/2026:23:27:51 +0200] "GET /.git/HEAD HTTP/1.1" 402 34 ...
show more
2a04:4e40:e000:0:4a3:ecb:95ab:b57d - - [06/Jul/2026:23:27:51 +0200] "GET /.git/HEAD HTTP/1.1" 402 3400 "-" "git/2.39.2" ...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-06 21:22:47
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 17:22:40.115924 2026] [security2:error] [pid 32234:tid 32234] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:12176] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "advancedmotorsports.com"] [uri "/.git/HEAD"] [unique_id "akwcoFyTe5wmuaHhnrkybAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-06 04:26:03
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 00:25:53.206030 2026] [security2:error] [pid 13190:tid 13190] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:57372] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.meghanmack.name"] [uri "/.git/config"] [unique_id "aksuUVQB0M692oE4-hg6uAAAACs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-07-04 22:00:46
(2 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-03.
show less
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-07-04 07:54:13
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:54:09.485979 2026] [security2:error] [pid 25557:tid 25557] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:30886] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.aquatreat.net"] [uri "/.git/HEAD"] [unique_id "aki8IRQ6z9COwdrVDEDZxwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 07:02:23
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:02:18.160905 2026] [security2:error] [pid 27053:tid 27053] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:53836] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ultratecnologiamx.activethinkers.net"] [uri "/.git/HEAD"] [unique_id "akiv-t63yLEB-Vi551kmzAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 05:56:31
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 01:56:28.067979 2026] [security2:error] [pid 10857:tid 10857] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:15010] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oxysulfur.com.mroxygen.org"] [uri "/.git/config"] [unique_id "akigjNilApbmmDjhBOV44wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 05:27:44
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 01:27:37.817499 2026] [security2:error] [pid 11723:tid 11723] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:59942] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.ozarkmountainwinetrail.org"] [uri "/.git/HEAD"] [unique_id "akiZyWWH9EexFyszrpF5JgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 04:48:00
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:47:56.104343 2026] [security2:error] [pid 22475:tid 22475] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:25778] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fivecentmiracle.com.mundanestudies.org"] [uri "/.git/config"] [unique_id "akiQfOdlozi_-ltVpj6dxQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 00:46:27
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:46:19.732809 2026] [security2:error] [pid 11373:tid 11373] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.wiszen.org"] [uri "/.git/config"] [unique_id "akhX29O1acZy9rNWmKTSqwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 00:25:52
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:25:49.206164 2026] [security2:error] [pid 20358:tid 20358] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:35014] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.lcoor.org"] [uri "/.git/config"] [unique_id "akhTDVx7ZjMrxHX89Q2yIwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 23:59:01
(3 days ago)
(mod_security) mod_security (id:949110) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:949110) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:58:57.872457 2026] [security2:error] [pid 17908:tid 17908] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:28368] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "auranet.cescfoundation.org"] [uri "/.git/config"] [unique_id "akhMwf9IuM6Vc4UXmM-zyQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 20:07:15
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:07:09.258041 2026] [security2:error] [pid 16553:tid 16553] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:52138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bvnboysbasketball.com"] [uri "/.git/config"] [unique_id "akgWbWx9ZgY1XtArvRPLsgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 19:28:40
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:4a3:ecb:95ab:b57d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:28:33.060027 2026] [security2:error] [pid 11170:tid 11444] [client 2a04:4e40:e000:0:4a3:ecb:95ab:b57d:42608] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "malvadocuaderno.com"] [uri "/.git/config"] [unique_id "akgNYXC3ZKyBUDnuQVj5sAAAAYw"]
show less
Brute-Force
Bad Web Bot
Web App Attack