π³π±
homeshowdomain.nl
2026-06-15 22:01:16
(6 days ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-14.
show less
Web App Attack
SSH
Hacking
2026-06-15 10:32:01
(1 week ago)
Malicious activity detected
Hacking
Web App Attack
π©πͺ
4server
2026-06-15 09:46:56
(1 week ago)
[MonJun1511:46:53.0040102026][security2:error][pid4004235:tid4004278][client34.116.81.122:0]ModSecur ...
show more
[MonJun1511:46:53.0040102026][security2:error][pid4004235:tid4004278][client34.116.81.122:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.titancapital.ch.136-243-54-122.cpanel.site\"][uri\"/v2/.git/config\"][unique_id\"ai_KDNNgIvVgLjb6pFFKEAAAAEc\"]
show less
Port Scan
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-15 09:23:38
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.116.81.122 (122.81.116.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.116.81.122 (122.81.116.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:23:34.691140 2026] [security2:error] [pid 7371:tid 7371] [client 34.116.81.122:40694] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "winders.name"] [uri "/html/.git/config"] [unique_id "ai_ElrDG5X8gMVy0GXBP5wAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³πΏ
Antinson
2026-06-15 08:56:54
(1 week ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-15 08:43:06
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.116.81.122 (122.81.116.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.116.81.122 (122.81.116.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 04:43:03.184523 2026] [security2:error] [pid 21764:tid 21764] [client 34.116.81.122:41140] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.new-site.cathybermanmft.com"] [uri "/build/.git/config"] [unique_id "ai-7F3EvoINFOdfu1I-dBgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
stinpriza
2026-06-15 08:42:04
(1 week ago)
common Web Exploits being scanned
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-15 04:48:54
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.116.81.122 (122.81.116.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.116.81.122 (122.81.116.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:48:49.551576 2026] [security2:error] [pid 25335:tid 25335] [client 34.116.81.122:49962] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kaanyuzme.chevronparkett.com"] [uri "/static/.git/config"] [unique_id "ai-EMeEZmnVAgvgsOgsKyAAAAEA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
melroy89
2026-06-15 04:21:23
(1 week ago)
34.116.81.122 - - [15/Jun/2026:06:20:23 +0200] "GET /web/.git/config HTTP/1.1" 403 176 "-" "Mozilla ...
show more
34.116.81.122 - - [15/Jun/2026:06:20:23 +0200] "GET /web/.git/config HTTP/1.1" 403 176 "-" "Mozilla/5.0 (Linux; Android 7.1.2; Redmi 4X) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" "erp-backend-acc.melroy.org" 0.000
34.116.81.122 - - [15/Jun/2026:06:20:23 +0200] "GET /static/.git/config HTTP/1.1" 403 176 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36" "erp-backend-acc.melroy.org" 0.000
34.116.81.122 - - [15/Jun/2026:06:20:23 +0200] "GET /www/.git/config HTTP/1.1" 403 176 "-" "Mozilla/5.0 (MSIE 9.0; Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14931" "erp-backend-acc.melroy.org" 0.000
34.116.81.122 - - [15/Jun/2026:06:20:23 +0200] "GET /v3/.git/config HTTP/1.1" 403 176 "-" "Mozilla/5.0 (Linux; Android 6.0; Nexus 5X Build/MDB08L) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.124 Mobile Safari/5
...
show less
Web App Attack
π³π±
Mangelot Hosting
2026-06-15 04:14:49
(1 week ago)
(modsecurity) srv201 ModSecurity 34.116.81.122 (AU/Australia/122.81.116.34.bc.googleusercontent.com) ...
show more
(modsecurity) srv201 ModSecurity 34.116.81.122 (AU/Australia/122.81.116.34.bc.googleusercontent.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
π«π·
masterguru
2026-06-15 04:02:29
(1 week ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
π³π±
e.fierstra
2026-06-15 04:01:14
(1 week ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-15 03:55:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.116.81.122 (122.81.116.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.116.81.122 (122.81.116.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 23:55:04.485156 2026] [security2:error] [pid 10221:tid 10221] [client 34.116.81.122:50184] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bastardesign.com"] [uri "/api/.git/config"] [unique_id "ai93mL00WeGeirFZISfaYQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-15 02:21:52
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.116.81.122 (122.81.116.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.116.81.122 (122.81.116.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:21:44.578403 2026] [security2:error] [pid 7961:tid 7961] [client 34.116.81.122:39756] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ericdrives.com"] [uri "/public/.git/config"] [unique_id "ai9huEbxFVwdl3oLaek13gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§πͺ
Saec
2026-06-15 01:00:07
(1 week ago)
Jarvis auto-ban: CF top attacker on saec.ovh (29 hits, AU)
Port Scan
Web App Attack