๐ซ๐ท
HerrWolf
2026-07-03 17:15:03
(5 hours ago)
CrowdSec Detection: crowdsecurity/http-sensitive-files
Web App Attack
๐ง๐ช
cmbplf
2026-07-03 16:53:50
(5 hours ago)
102 requests with url.path *config.json
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-03 16:44:55
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 12:44:48.867249 2026] [security2:error] [pid 21586:tid 21586] [client 2a0f:ca81:b00b::1653:9f5d:60410] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "love-n-promises.com"] [uri "/.git/HEAD"] [unique_id "akfnAOkzaH6O5UNih_YNGwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
its101
2026-07-03 15:10:08
(7 hours ago)
Automated detection by LockdownAccess security system. Attack type(s): git_exposure. Reason: Nginx: ...
show more
Automated detection by LockdownAccess security system. Attack type(s): git_exposure. Reason: Nginx: git_exposure attack. Path targeted: unknown. Blocked in Cloudflare.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 15:08:53
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 11:08:47.263016 2026] [security2:error] [pid 29951:tid 29951] [client 2a0f:ca81:b00b::1653:9f5d:49730] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "localprowrestling.com"] [uri "/.git/HEAD"] [unique_id "akfQfzfDpgWDiNHkgU2h-QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
tall1oN
2026-07-03 07:34:15
(15 hours ago)
2a0f:ca81:b00b::1653:9f5d - - [03/Jul/2026:09:34:14 +0200] "GET /.git/HEAD HTTP/1.1" 200 12288 "-" " ...
show more
2a0f:ca81:b00b::1653:9f5d - - [03/Jul/2026:09:34:14 +0200] "GET /.git/HEAD HTTP/1.1" 200 12288 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" "ppl-tech.de"
2a0f:ca81:b00b::1653:9f5d - - [03/Jul/2026:09:34:15 +0200] "GET /api/.env HTTP/1.1" 200 12288 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15" "ppl-tech.de"
...
show less
Web App Attack
Port Scan
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-03 07:31:00
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:30:53.590891 2026] [security2:error] [pid 9778:tid 9778] [client 2a0f:ca81:b00b::1653:9f5d:41660] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prostar.industries"] [uri "/.git/HEAD"] [unique_id "akdlLX7gq4QjADGd5M-NqAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 07:12:40
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:12:36.695947 2026] [security2:error] [pid 4781:tid 4781] [client 2a0f:ca81:b00b::1653:9f5d:53992] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "premaindustrial.com"] [uri "/.git/HEAD"] [unique_id "akdg5BIKi_u1_NtCD1VI3gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 06:39:29
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 02:39:21.776882 2026] [security2:error] [pid 2318:tid 2318] [client 2a0f:ca81:b00b::1653:9f5d:40348] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "primecomputer.net"] [uri "/.git/HEAD"] [unique_id "akdZGSx3HUj1QT-Z0TQ3SwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 05:48:38
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 01:48:30.650987 2026] [security2:error] [pid 5766:tid 5766] [client 2a0f:ca81:b00b::1653:9f5d:42016] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "protonmultimedia.com"] [uri "/backend/.env"] [unique_id "akdNLgmYBBivmtgT6WTiVwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
securejdprop
2026-07-03 05:16:42
(17 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/vpatch-git-config. WAF block: crowdsecurit ...
show more
This IP was detected by CrowdSec triggering crowdsecurity/vpatch-git-config. WAF block: crowdsecurity/vpatch-git-config from 2a0f:ca81:b00b::1653:9f5d (172.19.0.4)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-03 04:36:43
(17 hours ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:36:37.279895 2026] [security2:error] [pid 1818:tid 1818] [client 2a0f:ca81:b00b::1653:9f5d:57926] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "primestatepainting.com"] [uri "/.env"] [unique_id "akc8VVHY3eCD1yHoX2yQrAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-07-03 03:58:47
(18 hours ago)
(modsecurity) srv201 ModSecurity 2a0f:ca81:b00b::1653:9f5d (BG/Bulgaria/-): 10 in the last 3600 secs ...
show more
(modsecurity) srv201 ModSecurity 2a0f:ca81:b00b::1653:9f5d (BG/Bulgaria/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-02 21:59:25
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-01.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-02 20:49:26
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::1653:9f5d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 16:49:12.820971 2026] [security2:error] [pid 6731:tid 6731] [client 2a0f:ca81:b00b::1653:9f5d:58214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "campos.tv"] [uri "/.git/HEAD"] [unique_id "akbOyCV5IRjRcRzbSEfVQAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack