|
π―π΅
takashi
|
|
Web App Attack detected by honeypot sensor / 30 events in 7 days / Country: CL / ISP: Google LLC
|
Bad Web Bot
Web App Attack
|
|
|
π«π·
SpaceHost-Server
|
|
|
Brute-Force
Web App Attack
|
|
|
π§πͺ
cmbplf
|
|
737 requests with url.path *.git/*
|
Brute-Force
Bad Web Bot
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 34.176.208.92 (92.208.176.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.176.208.92 (92.208.176.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 22:34:29.132867 2026] [security2:error] [pid 22651:tid 22659] [client 34.176.208.92:45160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.degreesoflove.com.teritemme.com"] [uri "/dist/.git/config"] [unique_id "aj3lNfPwqIJd6-De7fl1RAAAAYI"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
π³π±
wlt-blocker
|
|
Unauthorized access to webpage admin
|
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 34.176.208.92 (92.208.176.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.176.208.92 (92.208.176.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 22:07:51.619988 2026] [security2:error] [pid 22698:tid 22722] [client 34.176.208.92:50130] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.transiit.org"] [uri "/api/.git/config"] [unique_id "aj3e9xwUF1nU6wxU7b2ZCwAAANE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
π¬π§
consul.to
|
|
Web attack/malicious scanning detected
|
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:949110) triggered by 34.176.208.92 (92.208.176.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:949110) triggered by 34.176.208.92 (92.208.176.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 21:36:10.629634 2026] [security2:error] [pid 3043:tid 3043] [client 34.176.208.92:36348] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.sio-org.cescfoundation.org"] [uri "/frontend/.git/config"] [unique_id "aj3XimGmA_E7bohjZj_fQgAAAD8"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
π©πͺ
EGP Abuse Dept
|
|
Scanning for web/db/file exploits on www.royalpride.nl
|
SQL Injection
Bad Web Bot
Web App Attack
|
|
|
π«π·
Lunix
|
|
|
Brute-Force
Web App Attack
|
|
|
π©πͺ
macrob
|
|
2026/06/26 00:21:47 [error] 4056668#4056668: *330943402 access forbidden by rule, client: 34.176.208 ...
show more
2026/06/26 00:21:47 [error] 4056668#4056668: *330943402 access forbidden by rule, client: 34.176.208.92, server: infinsa.com, request: "GET /src/.git/config HTTP/2.0", host: "www.infinsa.com"
2026/06/26 00:21:47 [error] 4056668#4056668: *330943404 access forbidden by rule, client: 34.176.208.92, server: infinsa.com, request: "GET /build/.git/config HTTP/2.0", host: "www.infinsa.com"
2026/06/26 00:21:47 [error] 4056668#4056668: *330943406 access forbidden by rule, client: 34.176.208.92, server: infinsa.com, request: "GET /dist/.git/config HTTP/2.0", host: "www.infinsa.com"
...
show less
|
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 34.176.208.92 (92.208.176.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.176.208.92 (92.208.176.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 20:09:14.371193 2026] [security2:error] [pid 17391:tid 17391] [client 34.176.208.92:32932] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lgougeon.com"] [uri "/wordpress/.git/config"] [unique_id "aj3DKm3ERvlG2CAYFql_ggAAAIY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
π«π·
dynamix
|
|
Multiple WAF Violations
|
Web App Attack
|
|
|
Anonymous
|
|
34.176.208.92 - - [25/Jun/2026:17:36:20 +0000] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\xFC\xBC ...
show more
34.176.208.92 - - [25/Jun/2026:17:36:20 +0000] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\xFC\xBC\xDAm\x8F(\xD6<\xDB#\xC1\xA1\xDF\xCAo\xA9\x1D\xE3\xEC%`\x06\x03\xD8\xD9p\xF6\xC5\x1DOV2 \x7F\x96\xF1t\x1C\xF8\x8E\xBB\xD7\xCE\x83\xACe!\xBF\xF3\x88Y\x99h\x22\xEB:\xF4\xC0m*\xD7\x95\x7FI<\x00&\xC0+\xC0/\xC0,\xC00\xCC\xA9\xCC\xA8\xC0\x09\xC0\x13\xC0" 400 166 "-" "-"
34.176.208.92 - - [25/Jun/2026:17:36:20 +0000] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03\xEE\x1Dq,0\x90\xE3\xA0\xBD*\x05\x12\xCA\x8D2S:\x02j\x06\x1C>\x1B\xD6\xEF\xF1\xD3\xFE,\xA1Q8 \x84k\x1A\xF3\xCD\xD2\xFE%\x81\xAE\xF8\xE4\xF8" 400 166 "-" "-"
34.176.208.92 - - [25/Jun/2026:17:36:20 +0000] "\x16\x03\x01\x00\xEA\x01\x00\x00\xE6\x03\x03)Q<\xB2\x95;\xF5\xAF\x8BV\x1E\x8Cp\xF7\xA7\x9A\xB3\xD3\xB2\xB9O\xB2\xE3\xAC\x13C\xBB\xC6\x01\x98\xEDt )\xDC\x94\x9A\x11\x07" 400 166 "-" "-"
...
show less
|
Brute-Force
|
|
|
πΊπΈ
kosada.com
|
|
Web vulnerability probing (bogus request)
|
Web App Attack
|
|