๐บ๐ธ
TPI-Abuse
2026-07-02 09:01:18
(31 minutes ago)
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:01:14.746845 2026] [security2:error] [pid 29223:tid 29223] [client 134.199.150.107:57862] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oxfordgrpco.com"] [uri "/.git/config"] [unique_id "akYo2r3WbV7A8RavPDNmvwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 07:30:27
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:30:21.133015 2026] [security2:error] [pid 31654:tid 31654] [client 134.199.150.107:56026] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "powdercoatovens.net"] [uri "/.git/config"] [unique_id "akYTjUTEyi1dA5c238imuAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 07:01:33
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:01:25.821623 2026] [security2:error] [pid 5026:tid 5026] [client 134.199.150.107:47664] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "watersideaccommodation.com"] [uri "/.git/config"] [unique_id "akYMxfEz_EAc2t-XaFTnFwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-02 06:54:54
(2 hours ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 06:24:35
(3 hours ago)
(mod_security) mod_security (id:949110) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:949110) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 02:24:29.202044 2026] [security2:error] [pid 25285:tid 25285] [client 134.199.150.107:44544] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "likulikubookings.com"] [uri "/.git/config"] [unique_id "akYEHXC6n50EvDh0K273sgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 06:07:04
(3 hours ago)
Bot / scanning and/or hacking attempts: GET /.git/config HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
mccsoft.io
2026-07-02 05:56:20
(3 hours ago)
Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). So ...
show more
Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). Source matched a blocked-path security rule (jail nginx-444); server returned HTTP 444 (connection closed without response). TCP three-way handshake completed (full HTTP request received).
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 05:37:35
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 01:37:27.267325 2026] [security2:error] [pid 17669:tid 17669] [client 134.199.150.107:38744] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mathewsdental.com"] [uri "/.git/config"] [unique_id "akX5F8L73QG9w6xjLOQlLgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-07-02 05:14:25
(4 hours ago)
2 attacks on VC URLs:
GET /.git/config HTTP/1.1
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-02 04:40:14
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 00:40:06.548136 2026] [security2:error] [pid 3694:tid 3694] [client 134.199.150.107:35278] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mirai-labo.com"] [uri "/.git/config"] [unique_id "akXrpoJH6kzJEikmyJJ--QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 04:16:12
(5 hours ago)
134.199.150.107 patrz.eu - [02/Jul/2026:06:16:11 +0200] "GET /.git/config HTTP/1.1" 301 0 "-" "Mozil ...
show more
134.199.150.107 patrz.eu - [02/Jul/2026:06:16:11 +0200] "GET /.git/config HTTP/1.1" 301 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 04:13:55
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 00:13:50.026485 2026] [security2:error] [pid 1102:tid 1102] [client 134.199.150.107:49660] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "therustedtree.com"] [uri "/.git/config"] [unique_id "akXlfjQT3yDzq4uYSZmRNAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Starburst SysOp Team
2026-07-02 04:13:13
(5 hours ago)
(mod_security-custom) mod_security (id:210492) triggered by 134.199.150.107 (AU/Australia/New South ...
show more
(mod_security-custom) mod_security (id:210492) triggered by 134.199.150.107 (AU/Australia/New South Wales/Alexandria/-/[AS14061 DIGITALOCEAN-ASN]): 1 in the last 3600 secs (0-srv1)
show less
Hacking
๐จ๐ญ
4server
2026-07-02 03:16:18
(6 hours ago)
[ThuJul0205:16:11.5313052026][security2:error][pid3028985:tid3029014][client134.199.150.107:0]ModSec ...
show more
[ThuJul0205:16:11.5313052026][security2:error][pid3028985:tid3029014][client134.199.150.107:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"xn--tirascarph-ieb.ch\"][uri\"/.git/config\"][unique_id\"akXX-yGjE7Q7XZ64XDDKCwAAAA8\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 03:11:00
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 134.199.150.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 23:10:52.647611 2026] [security2:error] [pid 7618:tid 7618] [client 134.199.150.107:48078] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madisonworkshopwest.com"] [uri "/.git/config"] [unique_id "akXWvGXR8WSbkwtz6rMfeAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack