๐บ๐ธ
TPI-Abuse
2026-07-19 05:28:00
(27 minutes ago)
(mod_security) mod_security (id:210492) triggered by 136.111.64.88 (88.64.111.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 136.111.64.88 (88.64.111.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 19 01:27:52.701089 2026] [security2:error] [pid 1596:tid 1596] [client 136.111.64.88:51404] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hope4elsalvador.org"] [uri "/.git/HEAD"] [unique_id "alxgWHpWcV2Ce-sdyRkDsgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-07-19 05:09:58
(45 minutes ago)
Web vulnerability probing: /.gitconfig
Web App Attack
Anonymous
2026-07-19 04:53:11
(1 hour ago)
136.111.64.88 - - [19/Jul/2026:06:53:05 +0200] "GET /config.json HTTP/2.0" 403 272 "-" "Mozilla/5.0 ...
show more
136.111.64.88 - - [19/Jul/2026:06:53:05 +0200] "GET /config.json HTTP/2.0" 403 272 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ClaudeBot/1.0;
show less
Web Spam
Blog Spam
Brute-Force
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-19 04:45:01
(1 hour ago)
ModSecurity rule 949110 triggered on dedicated4785. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-19 04:25:08
(1 hour ago)
(mod_security) mod_security (id:210730) triggered by 136.111.64.88 (88.64.111.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 136.111.64.88 (88.64.111.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 19 00:25:02.213185 2026] [security2:error] [pid 31429:tid 31429] [client 136.111.64.88:49046] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||holesandcorners.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "holesandcorners.com"] [uri "/rclone.conf"] [unique_id "alxRnphcp4CfGeGSpLNYLQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 04:03:45
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 136.111.64.88 (88.64.111.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 136.111.64.88 (88.64.111.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 19 00:03:41.108148 2026] [security2:error] [pid 28365:tid 28365] [client 136.111.64.88:51588] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hooks-n-hearts.com"] [uri "/.git/config"] [unique_id "alxMnW9rNe-XPWre4WbjWAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Holger
2026-07-19 03:20:27
(2 hours ago)
Bruteforce WebAttack
Brute-Force
Web App Attack
๐ฌ๐ง
Oakley
2026-07-19 03:10:43
(2 hours ago)
(confirmed_bot_sig) Confirmed bot
Hacking
๐บ๐ธ
Matthew Ping
2026-07-19 02:45:01
(3 hours ago)
ModSecurity rule 949110 triggered on dedicated. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐ณ๐ฑ
e.fierstra
2026-07-19 02:08:00
(3 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-07-19 02:06:09
(3 hours ago)
Too many Status 40X (33)
Scanning/Probing (30)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 01:40:07
(4 hours ago)
(mod_security) mod_security (id:210730) triggered by 136.111.64.88 (88.64.111.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 136.111.64.88 (88.64.111.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 21:39:57.937886 2026] [security2:error] [pid 24994:tid 24994] [client 136.111.64.88:35136] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||holland-kadaster-registration.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "holland-kadaster-registration.com"] [uri "/z9x8c7v6b5-debug-trigger-holland-kadaster-registration.com"] [unique_id "alwq7XrQDa93MZOYi-VmzAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
vaia.cloud
2026-07-19 01:05:01
(4 hours ago)
trying wp-login.php/xmlrpc.php 36 times in 1 minutes
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 00:19:48
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 136.111.64.88 (88.64.111.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 136.111.64.88 (88.64.111.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 20:19:41.396010 2026] [security2:error] [pid 16957:tid 16957] [client 136.111.64.88:56696] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "holboxwhalesharktours.net"] [uri "/.git/config"] [unique_id "alwYHYOs1XWV4iHRSyDjlQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
Origon
2026-07-18 23:56:10
(5 hours ago)
http-sensitive-files - IP: 136.111.64.88 - time="2026-07-19T01:56:10+02:00" level=info msg="(555f66 ...
show more
http-sensitive-files - IP: 136.111.64.88 - time="2026-07-19T01:56:10+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 136.111.64.88 (US/396982) : 4h ban on Ip 136.111.64.88" module=db
show less
Web App Attack