๐ณ๐ฑ
homeshowdomain.nl
2026-06-15 22:01:17
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-14.
show less
Web App Attack
SSH
Hacking
๐ซ๐ฎ
geot
2026-06-15 13:56:49
(3 weeks ago)
GET /v2/.git/config HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
mnsf
2026-06-15 01:05:36
(3 weeks ago)
Abuse Detected (60)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 23:50:12
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.130.125.137 (137.125.130.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.130.125.137 (137.125.130.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:50:06.013594 2026] [security2:error] [pid 20289:tid 20289] [client 34.130.125.137:58992] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "versahealthcare.com"] [uri "/v2/.git/config"] [unique_id "ai8-LqI9E0xb7jLiYvfKeQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-06-14 23:32:48
(3 weeks ago)
[MonJun1501:32:44.7632262026][security2:error][pid3338868:tid3338880][client34.130.125.137:0]ModSecu ...
show more
[MonJun1501:32:44.7632262026][security2:error][pid3338868:tid3338880][client34.130.125.137:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\^\(\?:web\(\?:\(\?:st\(\?:ripp\)\?\|download\|copi\)er\|zip\)\|\(\?:prowebwalk\|sitesnagg\)er\|c\(\?:heesebot\|ombine\)\|teleportpro\|blackhole\|chinaclaw\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"174\"][id\"330019\"][rev\"3\"][msg\"Atomicorp.comWAFRules:SuspiciousWebClientDetected\(Disablethisruleifyouwishtoallowtheseclients\)\"][severity\"ERROR\"][hostname\"www.tcservices.ch.136-243-54-122.cpanel.site\"][uri\"/portal/.git/config\"][unique_id\"ai86HJ3wLQBVKk8VEJlObgAAAQg\"]
show less
Port Scan
Brute-Force
Web App Attack
๐จ๐ฆ
polycoda
2026-06-14 23:25:34
(3 weeks ago)
๐ฅ VERY AGGRESSIVE SCANNER probed over 100 inexistent files and PHP scripts in less than an hour.
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 23:06:42
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.130.125.137 (137.125.130.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.130.125.137 (137.125.130.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:06:35.027132 2026] [security2:error] [pid 32185:tid 32185] [client 34.130.125.137:37400] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.1ceg.com.greighhouse.com"] [uri "/.git/config"] [unique_id "ai8z--1irt5cyd9WU0gHsgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-14 22:20:24
(3 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 22:19:45
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.130.125.137 (137.125.130.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.130.125.137 (137.125.130.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 18:19:38.766291 2026] [security2:error] [pid 31567:tid 31567] [client 34.130.125.137:39310] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lanuevaley.com.labelrecord.com"] [uri "/.git/config"] [unique_id "ai8o-mLBvyvmJ5vk17g7mAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-06-14 22:10:06
(3 weeks ago)
AutoBlock: โ๏ธ Configuration File Access (Non Decay-Based)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 21:02:43
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.130.125.137 (137.125.130.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.130.125.137 (137.125.130.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 17:02:35.979939 2026] [security2:error] [pid 29238:tid 29238] [client 34.130.125.137:48600] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "informativearticles.com"] [uri "/.git/config"] [unique_id "ai8W62IyAFcxm0xzB89I_wAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
antlac1
2026-06-14 11:56:35
(3 weeks ago)
crowdsecurity/http-probing
Brute-Force
Web App Attack
Anonymous
2026-06-14 07:15:01
(3 weeks ago)
suspicious request in access.log
Web App Attack
๐ซ๐ท
masterguru
2026-06-14 07:08:47
(3 weeks ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 06:48:27
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.130.125.137 (137.125.130.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.130.125.137 (137.125.130.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 02:48:20.621515 2026] [security2:error] [pid 27651:tid 27651] [client 34.130.125.137:57860] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ctrussell.us"] [uri "/app/.git/config"] [unique_id "ai5OtAsRFEgptnx4AI03tQAAACw"]
show less
Brute-Force
Bad Web Bot
Web App Attack