๐ณ๐ฑ
homeshowdomain.nl
2026-06-09 21:59:51
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-09 15:35:38
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 11:35:30.439115 2026] [security2:error] [pid 13534:tid 13534] [client 136.112.15.137:59148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.professional-transitions.net.mlappa.net"] [uri "/.git/config"] [unique_id "aigywirB0e463D3Xo8WLuwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
TechnoSolutions CL
2026-06-09 12:33:57
(2 weeks ago)
136.112.15.137 - - [09/Jun/2026:12:33:53 +0000] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 ( ...
show more
136.112.15.137 - - [09/Jun/2026:12:33:53 +0000] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Linux; Android 9; SM-G950F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.143 Mobile Safari/537.36"
136.112.15.137 - - [09/Jun/2026:12:33:56 +0000] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/28.0.1469.0 Safari/537.36"
...
show less
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 12:01:44
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:01:38.040235 2026] [security2:error] [pid 1598:tid 1598] [client 136.112.15.137:50930] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brbcash.com"] [uri "/.git/config"] [unique_id "aigAomXi0vQjApoBvpi2uwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-06-09 11:01:43
(2 weeks ago)
[TueJun0913:01:40.1348112026][security2:error][pid784186:tid784770][client136.112.15.137:0]ModSecuri ...
show more
[TueJun0913:01:40.1348112026][security2:error][pid784186:tid784770][client136.112.15.137:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.vetreriaperletti.ch.81-17-25-250.cpanel.site\"][uri\"/.git/config\"][unique_id\"aifylBUZt7Cwc0UWULbK-gAAAJM\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 10:14:17
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:14:11.132704 2026] [security2:error] [pid 22752:tid 22752] [client 136.112.15.137:33586] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "liferestorationproject.com"] [uri "/.git/config"] [unique_id "aifncy5Kpr_nOeRyfcRhwQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 09:40:04
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 05:39:59.667825 2026] [security2:error] [pid 20436:tid 20436] [client 136.112.15.137:44520] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.martinka.martinka.org"] [uri "/.git/config"] [unique_id "aiffb02lvIJFIE3oo0QGWQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 08:52:36
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 04:52:30.971063 2026] [security2:error] [pid 6978:tid 6978] [client 136.112.15.137:43974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "valuechains4poor.net"] [uri "/.git/config"] [unique_id "aifUTrqyggSENkD1FSFcHQAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-09 07:56:54
(3 weeks ago)
Try to access /.git/config
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 05:26:25
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:26:22.780855 2026] [security2:error] [pid 5134:tid 5148] [client 136.112.15.137:48058] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tsengkwongchi.com.munatseng.org"] [uri "/.git/config"] [unique_id "aiej_nvjz2V3fuPGamSpCAAAAIw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Charlesiv
2026-06-09 04:00:07
(3 weeks ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
ASN: 396982 (Google LLC)
Prot ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
ASN: 396982 (Google LLC)
Protocol: HTTP/1.1 (GET method)
Endpoint: /.git/config
Timestamp: 2026-06-09T03:48:01Z
Ray ID: a08d2886ef104417
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-09 03:10:38
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 23:10:32.797995 2026] [security2:error] [pid 26996:tid 26996] [client 136.112.15.137:48474] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.learn.panmaneecnc.com"] [uri "/.git/config"] [unique_id "aieEKOPW0X32IduvOzJPMQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
lnklnx
2026-06-09 01:21:44
(3 weeks ago)
www.lnklnx.com:443 136.112.15.137 - - [08/Jun/2026:20:21:42 -0500] "GET /.git/config HTTP/1.1" 403 3 ...
show more
www.lnklnx.com:443 136.112.15.137 - - [08/Jun/2026:20:21:42 -0500] "GET /.git/config HTTP/1.1" 403 3819 "-" "Mozilla/5.0 (Linux; Android 7.0; LGUS997 Build/NRD90U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.125 Mobile Safari/537.36"
...
show less
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-08 22:09:10
(3 weeks ago)
Auto-ban: >3000 req/min op 2026-06-08
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 19:26:41
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 136.112.15.137 (137.15.112.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 15:26:33.419931 2026] [security2:error] [pid 22303:tid 22303] [client 136.112.15.137:42808] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.londongroup.info"] [uri "/.git/config"] [unique_id "aicXaU_Blcbc9ldK481XHgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack