๐ณ๐ฑ
homeshowdomain.nl
2026-06-14 22:01:53
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-13.
show less
Web App Attack
SSH
Hacking
๐ณ๐ฑ
homeshowdomain.nl
2026-06-13 22:01:37
(2 weeks ago)
Auto-ban: >3000 req/min op 2026-06-13
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-13 17:04:07
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 13:04:01.088481 2026] [security2:error] [pid 20094:tid 20094] [client 34.21.230.186:53828] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.954glass.com"] [uri "/.git/config"] [unique_id "ai2Ngb7xpLoLEg2bKG9oRgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 12:42:09
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 08:42:04.049948 2026] [security2:error] [pid 1848:tid 1848] [client 34.21.230.186:41652] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.blog.mosherpit.com"] [uri "/.git/config"] [unique_id "ai1QHJS9FlSNK_uwrkGc0wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-06-13 11:35:43
(2 weeks ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.21.230.186 (SG/Singapore/186.230 ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.21.230.186 (SG/Singapore/186.230.21.34.bc.googleusercontent.com): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 11:30:44
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 07:30:39.016184 2026] [security2:error] [pid 13711:tid 13711] [client 34.21.230.186:36772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.johnson.thenewplace.org"] [uri "/.git/config"] [unique_id "ai0_X1_YrivZ7II2GfHYIgAAAC8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 11:10:44
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 07:10:38.265760 2026] [security2:error] [pid 23035:tid 23035] [client 34.21.230.186:53984] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.quintessence.com.webdub.com"] [uri "/.git/config"] [unique_id "ai06rrIQHhMTzrChmymXEgAAACw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 10:37:50
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 06:37:43.064043 2026] [security2:error] [pid 18383:tid 18418] [client 34.21.230.186:35790] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.igedac.com"] [uri "/.git/config"] [unique_id "ai0y9zM_DWTo8cF6KZ8dlQAAAIM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-13 10:37:47
(2 weeks ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.21.230.186 (SG/Singapore/186.230.2 ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.21.230.186 (SG/Singapore/186.230.21.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195)
show less
Hacking
Anonymous
2026-06-13 10:37:46
(2 weeks ago)
34.21.230.186 - - [13/Jun/2026:10:37:45 +0000] "GET /.git/config HTTP/1.1" 404 44322 "-" "Mozilla/5. ...
show more
34.21.230.186 - - [13/Jun/2026:10:37:45 +0000] "GET /.git/config HTTP/1.1" 404 44322 "-" "Mozilla/5.0 (Linux; U; Android 1.6; en-us; SonyEricssonX10i Build/R1AA056) AppleWebKit/528.5 (KHTML, like Gecko) Version/3.1.2 Mobile Safari/525.20.1"
...
show less
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-06-13 10:02:37
(2 weeks ago)
[SatJun1312:02:34.1865952026][security2:error][pid660701:tid661207][client34.21.230.186:0]ModSecurit ...
show more
[SatJun1312:02:34.1865952026][security2:error][pid660701:tid661207][client34.21.230.186:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.landingswiss.ch.81-17-25-250.cpanel.site\"][uri\"/.git/config\"][unique_id\"ai0quo4p0orq8qnHlNJQLAAAAQg\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 08:33:34
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.21.230.186 (186.230.21.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:33:27.676205 2026] [security2:error] [pid 23653:tid 23653] [client 34.21.230.186:60574] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "certifiedfarmersmarkets.org"] [uri "/.git/config"] [unique_id "ai0V1zawjp1xGHs3qPSm3QAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-13 06:45:03
(2 weeks ago)
suspicious request in access.log
Web App Attack
๐ซ๐ท
Sorgin Informatique
2026-06-13 05:18:30
(2 weeks ago)
tee-7 : Trying access unauthorized files/dir=>/.git/config
Hacking
๐ฉ๐ช
big-cloud.nl
2026-06-13 05:00:56
(2 weeks ago)
Try to access /.git/config
Web App Attack