๐บ๐ธ
TPI-Abuse
2026-07-05 04:33:17
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 00:33:14.051376 2026] [security2:error] [pid 12243:tid 12243] [client 2a04:4e40:e000:0:685:38dd:e17d:251a:64814] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.hal.dance"] [uri "/.git/config"] [unique_id "akneigQoLy3whufXFXsdEwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-04 21:59:10
(18 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-03.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-04 05:55:44
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 01:55:40.178994 2026] [security2:error] [pid 10546:tid 10546] [client 2a04:4e40:e000:0:685:38dd:e17d:251a:58088] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.tiln.org"] [uri "/.git/HEAD"] [unique_id "akigXIkX1nporDrk1DOOMgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 04:16:21
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:16:17.511668 2026] [security2:error] [pid 24986:tid 24986] [client 2a04:4e40:e000:0:685:38dd:e17d:251a:21008] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rohanbyles.com.au"] [uri "/.git/HEAD"] [unique_id "akiJETpMndSf5WaCbLD6MgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-07-04 01:35:26
(1 day ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-04 00:49:40
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:49:34.797181 2026] [security2:error] [pid 9193:tid 9193] [client 2a04:4e40:e000:0:685:38dd:e17d:251a:61552] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "avantgarde-hk.org"] [uri "/.git/HEAD"] [unique_id "akhYnmWrdHffJn8An-GtBgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 00:25:10
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:25:05.739305 2026] [security2:error] [pid 8648:tid 8648] [client 2a04:4e40:e000:0:685:38dd:e17d:251a:65420] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.koshland.org"] [uri "/.git/HEAD"] [unique_id "akhS4dt4C6ajZ4IDNfBKIQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Blexyel
2026-07-03 21:34:16
(1 day ago)
2a04:4e40:e000:0:685:38dd:e17d:251a - - [03/Jul/2026:23:34:15 +0200] "GET /.git/config HTTP/1.1" 401 ...
show more
2a04:4e40:e000:0:685:38dd:e17d:251a - - [03/Jul/2026:23:34:15 +0200] "GET /.git/config HTTP/1.1" 401 179 "-" "git/2.39.2" "349g58n8.pingusmc.org"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:38:29
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:38:24.345425 2026] [security2:error] [pid 12514:tid 12514] [client 2a04:4e40:e000:0:685:38dd:e17d:251a:5462] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "staben.vccemail.net"] [uri "/.git/config"] [unique_id "akgPsF4j4ypzAjW5gLNIKAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 02:45:40
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 22:45:35.832636 2026] [security2:error] [pid 17683:tid 17687] [client 2a04:4e40:e000:0:685:38dd:e17d:251a:57978] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.whitecrosslibrary.com"] [uri "/.git/HEAD"] [unique_id "akciTxe0_RoQXZVd5XPDFQAAAQI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-13 03:01:40
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 23:01:33.095333 2026] [security2:error] [pid 234390:tid 234390] [client 2a04:4e40:e000:0:685:38dd:e17d:251a:42998] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thelotsmokehouse.com"] [uri "/new/.env"] [unique_id "adxcjejbb4-V30RmQJRyqgAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 00:47:08
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:685:38dd:e17d:251a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 19:47:02.638881 2026] [security2:error] [pid 24284:tid 24284] [client 2a04:4e40:e000:0:685:38dd:e17d:251a:48006] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thelotsmokehouse.com"] [uri "/laravel/core/.env.production"] [unique_id "aZZdhhs0Ny1d7kiOPOnWbAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack