π³π±
homeshowdomain.nl
2026-06-09 22:00:59
(1 week ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08.
show less
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-06-09 15:52:32
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210492) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 11:52:28.278125 2026] [security2:error] [pid 22047:tid 22047] [client 34.24.44.66:52572] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bennefeld.k0cgy.net"] [uri "/.git/config"] [unique_id "aig2vAJ883IMfZznr-2kYAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
U-H
2026-06-09 15:27:00
(1 week ago)
Attempted access to sensitive file or dotfile
DDoS Attack
Web App Attack
Hacking
π¦πΊ
2000cn.com.au
2026-06-09 14:16:56
(1 week ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
πΊπΈ
TPI-Abuse
2026-06-09 13:45:33
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210492) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 09:45:25.929780 2026] [security2:error] [pid 9165:tid 9165] [client 34.24.44.66:36096] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kim-porter.com"] [uri "/.git/config"] [unique_id "aigY9Z69ykfgvxrV-FGYrgAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-06-09 12:27:30
(1 week ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.24.44.66 (US/United States/66.44.2 ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.24.44.66 (US/United States/66.44.24.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195)
show less
Hacking
π©πͺ
big-cloud.nl
2026-06-09 11:43:22
(1 week ago)
Try to access /.git/config
Web App Attack
π§πͺ
voormedia
2026-06-09 11:30:42
(1 week ago)
Accessed trap at '/.git/config'
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 09:24:54
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210492) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 05:24:50.732287 2026] [security2:error] [pid 30682:tid 30682] [client 34.24.44.66:45352] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jrbentley.modelengines.info"] [uri "/.git/config"] [unique_id "aifb4keGB-YZXIdomc3DJAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 07:43:21
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210492) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:43:14.056321 2026] [security2:error] [pid 713:tid 713] [client 34.24.44.66:47436] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ofertasdetrabajosyempleos.com.creartest.com"] [uri "/.git/config"] [unique_id "aifEEvNU_FlTF7YbJBQXOAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π±π»
garmtech.com
2026-06-09 07:42:08
(1 week ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.git/config
Web App Attack
π¬π§
foxxelabs
2026-06-09 05:47:55
(1 week ago)
Automated report from FoxxeLabs Sentinel. Path probed: /.git/config | Project: anseo | Reason(s): Kn ...
show more
Automated report from FoxxeLabs Sentinel. Path probed: /.git/config | Project: anseo | Reason(s): Known exploit path: /.git/config | User-Agent: Mozilla/5.0 (Linux; Android 7.0; YS900) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.136
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 05:39:46
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210492) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:39:42.335450 2026] [security2:error] [pid 28614:tid 28614] [client 34.24.44.66:48124] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dewsales.com"] [uri "/.git/config"] [unique_id "aienHsHxU853T9uCZjILzwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
4server
2026-06-09 05:26:31
(1 week ago)
[TueJun0907:26:29.1813392026][security2:error][pid3764919:tid3764952][client34.24.44.66:0]ModSecurit ...
show more
[TueJun0907:26:29.1813392026][security2:error][pid3764919:tid3764952][client34.24.44.66:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.avvocato.urbani.ch\"][uri\"/.git/config\"][unique_id\"aiekBfyq2wD5TuyrLw-nZgAAAUY\"]
show less
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 03:14:27
(1 week ago)
(mod_security) mod_security (id:949110) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:949110) triggered by 34.24.44.66 (66.44.24.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 23:14:24.482905 2026] [security2:error] [pid 11462:tid 11462] [client 34.24.44.66:39332] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "jadabellportfolio.com"] [uri "/.git/config"] [unique_id "aieFEH0Y_jpMj8xB-O8USAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack