๐ณ๐ฑ
homeshowdomain.nl
2026-06-14 22:00:36
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-13.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-13 16:05:00
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 12:04:55.170707 2026] [security2:error] [pid 703:tid 703] [client 34.126.139.235:55988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dogandponyband.com"] [uri "/.git/config"] [unique_id "ai1_p8KN4dCdbs7JwAWS8AAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 12:51:00
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 08:50:53.607650 2026] [security2:error] [pid 27540:tid 27547] [client 34.126.139.235:39648] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aapm.aafm.us"] [uri "/.git/config"] [unique_id "ai1SLS_WkOpR8wL0nBusCwAAAEU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-06-13 12:20:54
(2 weeks ago)
[SatJun1314:20:50.6171222026][security2:error][pid1149337:tid1149760][client34.126.139.235:0]ModSecu ...
show more
[SatJun1314:20:50.6171222026][security2:error][pid1149337:tid1149760][client34.126.139.235:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"webmail.fondazionemontgrand.ch\"][uri\"/.git/config\"][unique_id\"ai1LIs2UZcoLRwzMfbxVigAAAIk\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 11:15:28
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 07:15:23.091714 2026] [security2:error] [pid 32168:tid 32168] [client 34.126.139.235:44834] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "belgiophar.net"] [uri "/.git/config"] [unique_id "ai07yxBo7g7hpe7lhLVeLQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Blexyel
2026-06-13 11:13:46
(2 weeks ago)
34.126.139.235 - - [13/Jun/2026:13:13:46 +0200] "GET /.git/config HTTP/1.1" 404 178 "-" "Mozilla/5.0 ...
show more
34.126.139.235 - - [13/Jun/2026:13:13:46 +0200] "GET /.git/config HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) baidu.sogo.uc.Chrome/36.0.1985.125 Safari/537.36" "cloud.phoenixts.eu"
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
4server
2026-06-13 10:58:27
(2 weeks ago)
[SatJun1312:58:22.2089962026][security2:error][pid979871:tid979989][client34.126.139.235:0]ModSecuri ...
show more
[SatJun1312:58:22.2089962026][security2:error][pid979871:tid979989][client34.126.139.235:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"autodiscover.cst-ranghetti.ch\"][uri\"/.git/config\"][unique_id\"ai03zpihZMbQv8dTLgK2PgAAAQc\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 10:56:28
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 06:56:20.783104 2026] [security2:error] [pid 7831:tid 7831] [client 34.126.139.235:52436] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whatireallydid.com"] [uri "/.git/config"] [unique_id "ai03VDHFFnMyXYUgyZnTcgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-13 10:52:53
(2 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 10:38:39
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 06:38:36.139390 2026] [security2:error] [pid 19010:tid 19010] [client 34.126.139.235:34468] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "safwalu.com"] [uri "/.git/config"] [unique_id "ai0zLD-815lxJ8tARMlNYQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
MM-bot
2026-06-13 09:50:24
(2 weeks ago)
URL-probe: HTTP/1.1 GET request on /.git/config (2026-06-13 11:50:24 UTC+2)
Web App Attack
Hacking
Anonymous
2026-06-13 09:40:02
(2 weeks ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 09:36:11
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 05:36:05.965786 2026] [security2:error] [pid 20658:tid 20681] [client 34.126.139.235:60722] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.metrobaselexpoforum.org.metropolitanbasel.org"] [uri "/.git/config"] [unique_id "ai0khXGcdyR-mFNUZHCuhgAAAFU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 08:22:48
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:22:44.696159 2026] [security2:error] [pid 8850:tid 8850] [client 34.126.139.235:48002] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.skm.cloudex.link"] [uri "/.git/config"] [unique_id "ai0TVE3XsKxsEIYHypKs_wAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 05:34:33
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.126.139.235 (235.139.126.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 01:34:24.109366 2026] [security2:error] [pid 32344:tid 32344] [client 34.126.139.235:51736] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.starsmogcheck.smogsandiego.com"] [uri "/.git/config"] [unique_id "aizr4B5aRKCyL9xhDo1eyAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack