๐ณ๐ฑ
homeshowdomain.nl
2026-02-25 22:59:03
(4 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-02-24.
show less
Web App Attack
SSH
Hacking
๐ง๐ช
sid3windr
2026-02-25 18:06:39
(4 months ago)
GET /.git/config (Tarpitted for 1d15h8m26s, wasted 8.06MB)
Web App Attack
๐ณ๐ฑ
jjnxpct
2026-02-25 04:50:45
(4 months ago)
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ...
show more
Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.git/config (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .git/ found within REQUEST_FILENAME: /.git/config]
show less
Web App Attack
Hacking
๐ณ๐ฑ
homeshowdomain.nl
2026-02-24 22:59:38
(4 months ago)
Auto-ban: >3000 req/min op 2026-02-24
Web App Attack
SSH
Hacking
Anonymous
2026-02-24 13:17:14
(4 months ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
Anonymous
2026-02-24 06:12:59
(4 months ago)
<jail> banned by fail2ban
Brute-Force
Web App Attack
๐บ๐ธ
kosada.com
2026-02-24 06:02:39
(4 months ago)
Web vulnerability probing: /.git/config
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-24 05:53:21
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 44.203.84.138 (ec2-44-203-84-138.compute-1.amaz ...
show more
(mod_security) mod_security (id:210492) triggered by 44.203.84.138 (ec2-44-203-84-138.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 24 00:53:13.607110 2026] [security2:error] [pid 22450:tid 22450] [client 44.203.84.138:48788] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magnoliahillproductions.com"] [uri "/.git/config"] [unique_id "aZ08yU10JUlDdHIAti76NgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
paissangroup
2026-02-24 04:49:32
(4 months ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-24 04:35:52
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 44.203.84.138 (ec2-44-203-84-138.compute-1.amaz ...
show more
(mod_security) mod_security (id:210492) triggered by 44.203.84.138 (ec2-44-203-84-138.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 23:35:47.920596 2026] [security2:error] [pid 10860:tid 10860] [client 44.203.84.138:43192] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.peterjohnsonauthor.peterjohnsonya.com"] [uri "/.git/config"] [unique_id "aZ0qo0tpIvPjAvN4IlfniAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Flo Flo
2026-02-24 04:33:24
(4 months ago)
44.203.84.138 - - - [24/Feb/2026:05:33:24 +0100] "flad.xyz" "GET /.git/config HTTP/1.1" 444 0 "-" "M ...
show more
44.203.84.138 - - - [24/Feb/2026:05:33:24 +0100] "flad.xyz" "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0" 0.000
...
show less
Web App Attack
Anonymous
2026-02-24 04:31:47
(4 months ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ฉ๐ช
FeG Deutschland
2026-02-24 03:34:58
(4 months ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-24 03:25:53
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 44.203.84.138 (ec2-44-203-84-138.compute-1.amaz ...
show more
(mod_security) mod_security (id:210492) triggered by 44.203.84.138 (ec2-44-203-84-138.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 22:25:47.341686 2026] [security2:error] [pid 23063:tid 23063] [client 44.203.84.138:44808] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.maths-teacher-in-phnom-penh.com.globalvillagecambodia.org"] [uri "/.git/config"] [unique_id "aZ0aO_cTrgaE-WvBtib58QAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
AWW-Admin
2026-02-24 03:06:53
(4 months ago)
(mod_security) mod_security triggered on hostname [redacted] 44.203.84.138 (US/United States/ec2-44- ...
show more
(mod_security) mod_security triggered on hostname [redacted] 44.203.84.138 (US/United States/ec2-44-203-84-138.compute-1.amazonaws.com)
show less
SQL Injection