๐บ๐ธ
TPI-Abuse
2026-06-30 13:14:33
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 09:14:27.171267 2026] [security2:error] [pid 11179:tid 11179] [client 2a0e:97c0:3e3:c62::1:39434] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "juniperhills.net"] [uri "/.git/HEAD"] [unique_id "akPBM3NMkTGm8ItYTaITZgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฏ๐ต
stypr
2026-06-30 12:24:17
(1 week ago)
Malicious activity detected on HTTP/HTTPS
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 12:17:23
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 08:17:19.643725 2026] [security2:error] [pid 11279:tid 11279] [client 2a0e:97c0:3e3:c62::1:35916] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jkperis.com"] [uri "/.git/HEAD"] [unique_id "akOzz7R8IoOeVdhp21yNgQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 11:46:26
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 07:46:21.166256 2026] [security2:error] [pid 27418:tid 27418] [client 2a0e:97c0:3e3:c62::1:48176] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "johnpratt.net"] [uri "/.git/HEAD"] [unique_id "akOsjdHsPn-tKllg1jEeQAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 11:24:04
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 07:23:59.287338 2026] [security2:error] [pid 16907:tid 16907] [client 2a0e:97c0:3e3:c62::1:35120] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jimrussell2010.russellforcongress.com"] [uri "/.env"] [unique_id "akOnT2j_Scb4zNYn-Z9gHAAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xserverx.ru
2026-06-30 09:22:39
(1 week ago)
Honeypot triggered:
IP: 2a0e:97c0:3e3:c62::1
Request to: https://xserverx.ru/.git/HEAD
Method: GET
H ...
show more
Honeypot triggered:
IP: 2a0e:97c0:3e3:c62::1
Request to: https://xserverx.ru/.git/HEAD
Method: GET
Host: xserverx.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: Direct
Country: DE
ASN: Unknown
Triggered rules: (\.git/|\.gitignore|\.git/config), /\.git, (127\.0\.0\.1|localhost|0\.0\.0\.0|::1|169\.254\.169\.254)
Timestamp: 2026-06-30T09:22:39.075Z
show less
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 08:41:51
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:41:47.005066 2026] [security2:error] [pid 7384:tid 7384] [client 2a0e:97c0:3e3:c62::1:53454] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yakarinc.com"] [uri "/.env"] [unique_id "akOBS8v0OqtvjqqXrsmIjQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
interbiznw.com
2026-06-30 07:02:20
(1 week ago)
malicious-web-requests-vulnerability-scanning
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-06-30 06:52:30
(1 week ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 03:27:38
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 23:27:32.679547 2026] [security2:error] [pid 8283:tid 8283] [client 2a0e:97c0:3e3:c62::1:34164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yaseminomer.com.kircali.net"] [uri "/.env"] [unique_id "akM3pFjxoxoTnoj4uKe0bAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-29 21:59:58
(1 week ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-28.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-29 16:18:02
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 12:17:53.891026 2026] [security2:error] [pid 1535:tid 1545] [client 2a0e:97c0:3e3:c62::1:52382] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "callaplusfirst.uoexpanse.com"] [uri "/.git/HEAD"] [unique_id "akKasdyTXHDMdEEpScy5xgAAAEg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-06-29 14:00:10
(1 week ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐ฉ๐ช
BlueWire Hosting
2026-06-29 13:03:45
(1 week ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-29 10:20:46
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0e:97c0:3e3:c62::1 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:20:42.959115 2026] [security2:error] [pid 6540:tid 6546] [client 2a0e:97c0:3e3:c62::1:42670] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "n30ew.com"] [uri "/.env.development"] [unique_id "akJG-mmZhl8mXqgkQpg3KAAAAMQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack