2026-06-12 10:07:10
(1 week ago)
Trying to access config files
Web App Attack
2026-06-10 14:07:00
(1 week ago)
Trying to access config files
Web App Attack
π³π±
homeshowdomain.nl
2026-06-09 22:01:25
(1 week ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08.
show less
Web App Attack
SSH
Hacking
π©πͺ
mygcode.de
2026-06-09 16:08:33
(1 week ago)
Scanning for Exploits
Bad Web Bot
π©πͺ
4server
2026-06-09 15:49:03
(1 week ago)
[TueJun0917:48:59.7111472026][security2:error][pid3148352:tid3148379][client34.138.122.130:0]ModSecu ...
show more
[TueJun0917:48:59.7111472026][security2:error][pid3148352:tid3148379][client34.138.122.130:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"agilityrossoblu.ch\"][uri\"/.git/config\"][unique_id\"aig1613Psj7ZBMRcJaK6JwAAAA8\"]
show less
Port Scan
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 14:29:49
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 10:29:42.026297 2026] [security2:error] [pid 22488:tid 22488] [client 34.138.122.130:38482] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rangejudging.com"] [uri "/.git/config"] [unique_id "aigjVjU9aCNjxJRzpMKWSQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π¦
lakered
2026-06-09 12:51:32
(1 week ago)
Detectors: [NGINX] | Reasons: Nginx Honeypot: Sensitive configuration file search | Tech Evidence: J ...
show more
Detectors: [NGINX] | Reasons: Nginx Honeypot: Sensitive configuration file search | Tech Evidence: JA4H: 1cc642a8a9acb58e5d9786156179cb57, Incomplete-Browser-Profile (Missing: Accept, Accept-Language), TLS-JA4-Spoofing-Detected (UA claims Browser but JA4 reports No-HTTP/2: t13d190900), JA4: t13d190900 | UA: Mozilla/5.0 (Linux; U; Android 7.1.2; el-gr; Redmi 4X Build/N2G47H) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/71.0.3578.141 Mobile Safari/537.36 XiaoMi/MiuiBrowser/10.9.7-g
show less
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 12:48:32
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:48:27.151240 2026] [security2:error] [pid 25485:tid 25525] [client 34.138.122.130:49434] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.livingalegacybulldogges.petsentiments.com"] [uri "/.git/config"] [unique_id "aigLmxrpGNtX0Ec20No6BwAAAME"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-06-09 12:47:35
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 11:06:18
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:06:12.636744 2026] [security2:error] [pid 7863:tid 7869] [client 34.138.122.130:59278] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.agrigrailtechnologies.com"] [uri "/.git/config"] [unique_id "aifzpNrCkCD7cKKp1cKdtAAAAQE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 10:35:07
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:35:01.691947 2026] [security2:error] [pid 25294:tid 25294] [client 34.138.122.130:58536] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "desertvacationvillas.com"] [uri "/.git/config"] [unique_id "aifsVQNjG3_SHuiTCLQMaQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 09:11:57
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 05:11:51.672990 2026] [security2:error] [pid 8348:tid 8348] [client 34.138.122.130:49316] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "customdesignsbybjp.com"] [uri "/.git/config"] [unique_id "aifY1_X7U1UHCbg0qYo9fgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 07:51:38
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:51:33.210744 2026] [security2:error] [pid 31485:tid 31485] [client 34.138.122.130:50684] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.woodburymeadows.org"] [uri "/.git/config"] [unique_id "aifGBcmOvVt8oiiL66D-6QAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 04:44:19
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 00:44:14.764903 2026] [security2:error] [pid 11560:tid 11560] [client 34.138.122.130:47548] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anus.net"] [uri "/.git/config"] [unique_id "aieaHjCcuOeqsHP6q0aZNwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 03:59:35
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.138.122.130 (130.122.138.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 23:59:27.793038 2026] [security2:error] [pid 27935:tid 27935] [client 34.138.122.130:43158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "weismanovens.daveweisman.com"] [uri "/.git/config"] [unique_id "aiePn7AaZE1tqW6_p-wAswAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack