π©πͺ
FeG Deutschland
2026-06-09 12:05:13
(59 minutes ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 11:02:25
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:02:19.503359 2026] [security2:error] [pid 11050:tid 11050] [client 34.182.175.147:42298] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ricardoagurcia.com.asociacioncopan.org"] [uri "/.git/config"] [unique_id "aifyu2fKKz03rvKwDadI0gAAAGc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 10:03:35
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:03:27.982824 2026] [security2:error] [pid 11566:tid 11566] [client 34.182.175.147:59516] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fruitacpa.com.rooksfamily.com"] [uri "/.git/config"] [unique_id "aifk73X9C9NctGSmCJaTtgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-06-09 09:38:06
(3 hours ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.182.175.147 (US/United States/147. ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.182.175.147 (US/United States/147.175.182.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195)
show less
Hacking
π«π·
masterguru
2026-06-09 08:34:45
(4 hours ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.182.175.147 (US/United States/147. ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.182.175.147 (US/United States/147.175.182.34.bc.googleusercontent.com): 2 in the last 3600 secs (0-196)
show less
Hacking
πΊπΈ
TPI-Abuse
2026-06-09 06:25:21
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:25:15.242940 2026] [security2:error] [pid 7195:tid 7195] [client 34.182.175.147:36432] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.rpmevolution.com"] [uri "/.git/config"] [unique_id "aiexywtXHhXzNRDjBAXuhgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³πΏ
Antinson
2026-06-09 05:41:07
(7 hours ago)
Scraping with a high error ratio and request rate
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-09 04:56:15
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 00:56:09.195753 2026] [security2:error] [pid 18285:tid 18285] [client 34.182.175.147:48450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "camairhvac.com"] [uri "/.git/config"] [unique_id "aiec6Xda2YKaUOMKwcvUUAAAACw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
2000cn.com.au
2026-06-09 04:56:12
(8 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
π©πͺ
4server
2026-06-09 02:02:23
(11 hours ago)
[TueJun0904:02:16.8062092026][security2:error][pid2176188:tid2176285][client34.182.175.147:0]ModSecu ...
show more
[TueJun0904:02:16.8062092026][security2:error][pid2176188:tid2176285][client34.182.175.147:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"swissholdinginvestments.ch.136-243-54-122.cpanel.site\"][uri\"/.git/config\"][unique_id\"aid0KF1bwnHVNbXrqJ-UOwAAAI8\"]
show less
Port Scan
Brute-Force
Web App Attack
2026-06-09 01:55:06
(11 hours ago)
suspicious request in access.log
Web App Attack
π³π±
homeshowdomain.nl
2026-06-08 21:59:38
(15 hours ago)
Auto-ban: >3000 req/min op 2026-06-08
Web App Attack
SSH
Hacking
π©πͺ
big-cloud.nl
2026-06-08 20:46:28
(16 hours ago)
Try to access /.git/config
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 18:18:17
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 14:18:12.178918 2026] [security2:error] [pid 15039:tid 15039] [client 34.182.175.147:43076] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fivecentmiracle.com.mundanestudies.org"] [uri "/.git/config"] [unique_id "aicHZPD4CKl61JcdjoOYXwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 15:53:22
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.182.175.147 (147.175.182.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 11:53:18.373759 2026] [security2:error] [pid 19194:tid 19194] [client 34.182.175.147:50742] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.smokeydoesit.com.pages4you.com"] [uri "/.git/config"] [unique_id "aiblboWwy_0IhT82SmmBYAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack