๐ณ๐ฑ
homeshowdomain.nl
2026-07-16 22:04:55
(16 hours ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
๐ช๐ธ
alferez
2026-07-16 19:01:23
(19 hours ago)
Searching .(env|sql|zip|tar|rar) files
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:36:32
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.c ...
show more
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:36:28.425217 2026] [security2:error] [pid 26331:tid 26331] [client 3.25.226.227:53444] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mrepoch.art"] [uri "/.git/config"] [unique_id "alkkrD9P553P0X9GC9ytuQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:17:29
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.c ...
show more
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:17:23.753308 2026] [security2:error] [pid 31995:tid 31995] [client 3.25.226.227:60236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "georgetownca.com"] [uri "/.git/config"] [unique_id "alj2A1pJ-LJFOWNdgaYVXQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 14:44:11
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.c ...
show more
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 10:44:04.812430 2026] [security2:error] [pid 29104:tid 29320] [client 3.25.226.227:59672] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "georgementz.org"] [uri "/.git/config"] [unique_id "aljuNGlgdXLX5ayANLnLaAAAApg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2026-07-16 14:08:12
(1 day ago)
20 attempts against mh-misbehave-ban on onion
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 12:56:43
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.c ...
show more
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 08:56:36.750592 2026] [security2:error] [pid 4552:tid 4552] [client 3.25.226.227:47888] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geo-modal.com"] [uri "/.git/config"] [unique_id "aljVBF-DO9_pMSiIhn8A0gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฟ๐ฆ
conure
2026-07-16 12:14:21
(1 day ago)
csagent: score 20.5: secrets grab x2, 404 noise floor x2; 1 domain(s) in 0s
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 10:50:43
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.c ...
show more
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 06:50:40.167462 2026] [security2:error] [pid 15309:tid 15309] [client 3.25.226.227:34212] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geofreightint.com"] [uri "/.git/config"] [unique_id "ali3gHinXOLPJkaqqsufswAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 00:37:40
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.c ...
show more
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:37:33.567955 2026] [security2:error] [pid 16496:tid 16496] [client 3.25.226.227:33300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "genevainvestors.com"] [uri "/.git/config"] [unique_id "algnzU1QjJEynM_Yh462WQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 17:39:17
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.c ...
show more
(mod_security) mod_security (id:210492) triggered by 3.25.226.227 (ec2-3-25-226-227.ap-southeast-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 13:39:12.406917 2026] [security2:error] [pid 15233:tid 15233] [client 3.25.226.227:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hvacs-aircon.com"] [uri "/.git/config"] [unique_id "alfFwGDjRhFP5pWgK1atywAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-07-15 14:33:00
(1 day ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐จ๐ญ
4server
2026-07-15 08:42:53
(2 days ago)
[WedJul1510:42:47.9379092026][security2:error][pid2670695:tid2671069][client3.25.226.227:0]ModSecuri ...
show more
[WedJul1510:42:47.9379092026][security2:error][pid2670695:tid2671069][client3.25.226.227:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"mail.teatrotangram.ch.81-17-25-250.cpanel.site\"][uri\"/.git/config\"][unique_id\"aldIB4vKf_37tGF17tDoPAAAAQ8\"]
show less
Hacking
Web App Attack
๐ณ๐ฑ
WeCloudit-Anti-Abuse
2026-07-15 07:12:18
(2 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐ช๐ธ
alferez
2026-07-14 20:46:22
(2 days ago)
Searching .(env|sql|zip|tar|rar) files
Hacking
Exploited Host
Web App Attack