๐ฉ๐ช
Bedios GmbH
2026-07-02 19:56:11
(6 minutes ago)
Login credentials theft attempt
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-02 19:43:15
(19 minutes ago)
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 15:43:10.731719 2026] [security2:error] [pid 24651:tid 24651] [client 34.30.128.153:60000] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hesalivebut.andrsn.com"] [uri "/.git/config"] [unique_id "aka_TskEQsy9313LtZnuVQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
iNetWorker
2026-07-02 18:52:52
(1 hour ago)
trolling for resource vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 18:50:45
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 14:50:40.418012 2026] [security2:error] [pid 29272:tid 29272] [client 34.30.128.153:60742] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.haswebdesign.davidfortier.com"] [uri "/.git/config"] [unique_id "akazAEV7T5eEy7wSDwKYIQAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
cwytech
2026-07-02 18:42:37
(1 hour ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/tpot-web-high.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 18:26:56
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 14:26:48.512525 2026] [security2:error] [pid 30391:tid 30391] [client 34.30.128.153:34376] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hamankaya.castagnino.com"] [uri "/.git/config"] [unique_id "akataIrsbYXiVYNyWB8MXAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-02 16:50:49
(3 hours ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot
๐ซ๐ฎ
mnazibo
2026-07-02 16:30:24
(3 hours ago)
Date: Jul 02 19:27:48 2026 EAT | Reported IP: 34.30.128.153 mod_security | id: 930130 949110 | US/us ...
show more
Date: Jul 02 19:27:48 2026 EAT | Reported IP: 34.30.128.153 mod_security | id: 930130 949110 | US/usernameab.my_domain/- | Connections: 1 | Blocked: Permanent Block: [LF_MODSEC] | Logs: ; Restricted File Access Attempt; Inbound Anomaly Score Exceeded (Total Score: 5)
show less
SQL Injection
Brute-Force
Bad Web Bot
๐ฉ๐ช
Ba-Yu
2026-07-02 16:26:47
(3 hours ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 16:22:26
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 12:22:21.722708 2026] [security2:error] [pid 30294:tid 30294] [client 34.30.128.153:38584] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dukecityinvestigations.kountz.org"] [uri "/.git/config"] [unique_id "akaQPe_WeI0N2_zpR1yBiAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 16:07:22
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 12:07:16.223816 2026] [security2:error] [pid 4915:tid 4915] [client 34.30.128.153:44564] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.drschneedle.org.theholographicseed.com"] [uri "/.git/config"] [unique_id "akaMtOBKtVXcQGzZdOD7pwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ฐ
ScamAware
2026-07-02 16:03:53
(3 hours ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensiti ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensitive files, source control, config, and backups). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom.
show less
Web App Attack
๐ฉ๐ช
DocNetzwerk
2026-07-02 15:45:39
(4 hours ago)
(mod_security) mod_security triggered on hostname [redacted] 34.30.128.153 (US/United States/153.128 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 34.30.128.153 (US/United States/153.128.30.34.bc.googleusercontent.com)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-02 15:43:16
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.30.128.153 (153.128.30.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:43:07.718211 2026] [security2:error] [pid 3327:tid 3327] [client 34.30.128.153:46708] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dpginc1.iyp-home.com"] [uri "/.git/config"] [unique_id "akaHCwfYTYR0eyIU06rL7wAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-02 15:35:04
(4 hours ago)
Try to access /.git/config
Web App Attack