Anonymous
2026-07-01 04:35:57
(1 day ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ณ๐ฑ
homeshowdomain.nl
2026-06-09 22:01:06
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-09 15:57:12
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 11:57:08.366095 2026] [security2:error] [pid 17495:tid 17495] [client 35.205.27.197:35898] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "velocity40.com"] [uri "/.git/config"] [unique_id "aig31Kb_z3nzipaqy8tX3AAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-09 12:39:20
(3 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ง๐ช
cmbplf
2026-06-09 11:38:49
(3 weeks ago)
8.538 requests with url.path *.git/*
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-09 10:24:00
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:23:54.467922 2026] [security2:error] [pid 4955:tid 4955] [client 35.205.27.197:50784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anrfilters.com"] [uri "/.git/config"] [unique_id "aifpuqmLK5qVZmnX0pbkuwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 10:05:30
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:05:23.399973 2026] [security2:error] [pid 28681:tid 28681] [client 35.205.27.197:44256] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hayatmotifi.com.kircali.net"] [uri "/.git/config"] [unique_id "aiflY4LLNJEbHGlOOzPnXwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-06-09 09:45:56
(3 weeks ago)
[TueJun0911:45:49.7694062026][security2:error][pid494544:tid495102][client35.205.27.197:0]ModSecurit ...
show more
[TueJun0911:45:49.7694062026][security2:error][pid494544:tid495102][client35.205.27.197:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.swiss-web-hosting-ch.hostingedominio.net\"][uri\"/.git/config\"][unique_id\"aifgzeBGXXecCxveiwXKfwAAAII\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 09:15:11
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 05:15:02.575083 2026] [security2:error] [pid 30241:tid 30241] [client 35.205.27.197:60038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "canaldumidi360.com"] [uri "/.git/config"] [unique_id "aifZlrzHhfFh7idJ3xbzMgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
NXTwoThou
2026-06-09 08:41:39
(3 weeks ago)
/.git/config
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 08:31:29
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 04:31:24.301970 2026] [security2:error] [pid 30372:tid 30372] [client 35.205.27.197:44994] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opticasprisma.com"] [uri "/.git/config"] [unique_id "aifPXAIKX9hhjShkk0BqLgAAADk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 08:09:59
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 04:09:54.606071 2026] [security2:error] [pid 29407:tid 29407] [client 35.205.27.197:39316] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artocratic.com"] [uri "/.git/config"] [unique_id "aifKUmrf8SEmpAMkZyRK7gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 07:11:10
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:11:02.700803 2026] [security2:error] [pid 22870:tid 22870] [client 35.205.27.197:49104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bergopro.co.uk.easternimport.com"] [uri "/.git/config"] [unique_id "aie8hkC1pTtMMQrFfenxmAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Smish
2026-06-09 06:30:15
(3 weeks ago)
HONEYPOT HIT --> Fail2ban time=1780986613 log=2026-06-09T07:30:13+01:00 ip=35.205.27.197 host=vmhost ...
show more
HONEYPOT HIT --> Fail2ban time=1780986613 log=2026-06-09T07:30:13+01:00 ip=35.205.27.197 host=vmhost01.mci.as210667.net method=GET uri="/.git/config" status=404 ua="Mozilla/5.0 (X11; U; Linux x86_64; en-gb) AppleWebKit/534.35 (KHTML, like Gecko) Chrome/11.0.696.65 Safari/534.35 Puffin/2.9174AP" ref="-" rid=5b5e33cdf13a89554e1616dd75710f5f
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 06:00:31
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.205.27.197 (197.27.205.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:00:27.260082 2026] [security2:error] [pid 20578:tid 20578] [client 35.205.27.197:38264] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirbysheetmetalworks.com"] [uri "/.git/config"] [unique_id "aier-4mdmyqPDsKw991OfwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack