๐ฉ๐ช
wsyq
2026-07-02 12:45:31
(1 week ago)
Fail2Ban - \[NGINX\]40x-Forcing to access a restricted resource
...
Bad Web Bot
Web App Attack
๐บ๐ธ
Rocky Mountain Bioengineering Symposium
2026-07-02 12:16:35
(1 week ago)
2a0f:ca81:b00b::4fab:44fd - - [02/Jul/2026:06:16:34 -0600] "GET /.git/config HTTP/1.1" 301 451 "http ...
show more
2a0f:ca81:b00b::4fab:44fd - - [02/Jul/2026:06:16:34 -0600] "GET /.git/config HTTP/1.1" 301 451 "https://imap.ibsis.org/.git/config" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 09:52:37
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:52:32.105903 2026] [security2:error] [pid 31462:tid 31462] [client 2a0f:ca81:b00b::4fab:44fd:38842] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grspipes.com"] [uri "/.env.development"] [unique_id "akY04Hru1Z22RcsnRRatXQAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
dispensight
2026-07-02 09:44:22
(1 week ago)
SecureLeaf CTI: credential/secret path probe; recon path (ngrok-tagged). 2 req against health.dispen ...
show more
SecureLeaf CTI: credential/secret path probe; recon path (ngrok-tagged). 2 req against health.dispensight.cloud (e.g. /.git/config). Defensive report; verified infra.
show less
Port Scan
Hacking
Web App Attack
๐ฉ๐ช
dbmwebdesign
2026-07-02 08:55:51
(1 week ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-07-02 08:09:07
(1 week ago)
(modsecurity) srv101 ModSecurity 2a0f:ca81:b00b::4fab:44fd (BG/Bulgaria/-): 10 in the last 3600 secs ...
show more
(modsecurity) srv101 ModSecurity 2a0f:ca81:b00b::4fab:44fd (BG/Bulgaria/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ช๐ธ
alferez
2026-07-02 06:51:21
(1 week ago)
Searching .(env|sql|zip|tar|rar) files
Hacking
Exploited Host
Web App Attack
๐ฉ๐ช
4server
2026-07-02 06:18:30
(1 week ago)
[ThuJul0208:18:27.4659972026][security2:error][pid2589261:tid2589353][client2a0f:ca81:b00b::4fab:44f ...
show more
[ThuJul0208:18:27.4659972026][security2:error][pid2589261:tid2589353][client2a0f:ca81:b00b::4fab:44fd:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"gualandi.ch\"][uri\"/.git/HEAD\"][unique_id\"akYCsyV_PkNkPdZsf1MUvwAAAME\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-02 06:01:37
(1 week ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 04:42:22
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 00:42:15.559585 2026] [security2:error] [pid 12377:tid 12377] [client 2a0f:ca81:b00b::4fab:44fd:47850] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hare.digitalsolutions.help"] [uri "/.git/config"] [unique_id "akXsJzNMUlBOlIVrwceIYwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 22:21:39
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 18:21:31.661409 2026] [security2:error] [pid 18639:tid 18639] [client 2a0f:ca81:b00b::4fab:44fd:55382] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scoutmountaindistrict.org"] [uri "/.git/HEAD"] [unique_id "akWS6zXqDimlzsVH_7yhkwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 22:04:15
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 18:04:10.234559 2026] [security2:error] [pid 27738:tid 27738] [client 2a0f:ca81:b00b::4fab:44fd:39020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scrunchiebuttbikini.com"] [uri "/.git/HEAD"] [unique_id "akWO2pAl-VHkHcxJr4P7uAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 21:41:26
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:41:20.100559 2026] [security2:error] [pid 32418:tid 32418] [client 2a0f:ca81:b00b::4fab:44fd:49864] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sekizinci.com"] [uri "/.git/HEAD"] [unique_id "akWJgAm11L5Eu_XIAfY3FgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 21:22:16
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:22:09.534824 2026] [security2:error] [pid 10534:tid 10587] [client 2a0f:ca81:b00b::4fab:44fd:47842] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sellarsmail.com"] [uri "/.git/config"] [unique_id "akWFAVBUVT2cagSzBoJ6KwAAAcc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 21:04:01
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a0f:ca81:b00b::4fab:44fd (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:03:56.668748 2026] [security2:error] [pid 8434:tid 8434] [client 2a0f:ca81:b00b::4fab:44fd:43040] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seacorre.com"] [uri "/.env"] [unique_id "akWAvIW4q3nxLJPj9MsA9gAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack