π³π±
homeshowdomain.nl
2026-06-09 22:01:13
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08.
show less
Web App Attack
SSH
Hacking
π«π·
masterguru
2026-06-09 16:15:16
(3 weeks ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.38.204.209 (BE/Belgium/209.204.38. ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.38.204.209 (BE/Belgium/209.204.38.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195)
show less
Hacking
π§πͺ
cmbplf
2026-06-09 15:42:32
(3 weeks ago)
13.426 requests with url.path *.git/*
Brute-Force
Bad Web Bot
π¨π
4server
2026-06-09 15:12:57
(3 weeks ago)
[TueJun0917:12:55.0361672026][security2:error][pid1639177:tid1640244][client34.38.204.209:0]ModSecur ...
show more
[TueJun0917:12:55.0361672026][security2:error][pid1639177:tid1640244][client34.38.204.209:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.greenartistsswiss.ch.81-17-25-250.cpanel.site\"][uri\"/.git/config\"][unique_id\"aigtd7TYJWnmfJtBcYwlgwAAAIo\"]
show less
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 12:05:19
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:05:11.593736 2026] [security2:error] [pid 2359:tid 2359] [client 34.38.204.209:48674] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "itaxcenter.com"] [uri "/.git/config"] [unique_id "aigBd8R1eGw_OlLBT9vkPgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 06:10:44
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:10:37.867698 2026] [security2:error] [pid 30089:tid 30089] [client 34.38.204.209:46306] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rail-town.com"] [uri "/.git/config"] [unique_id "aieuXbHEqYLCuXoplbE8UgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-06-09 05:24:55
(3 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 05:16:25
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 01:16:19.126396 2026] [security2:error] [pid 5460:tid 5460] [client 34.38.204.209:48300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toxicwater.com"] [uri "/.git/config"] [unique_id "aieho5I1zoiYs2pm3muXbwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π±π»
garmtech.com
2026-06-09 04:33:11
(3 weeks ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.git/config
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 01:43:53
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 21:43:46.736083 2026] [security2:error] [pid 6231:tid 6231] [client 34.38.204.209:57562] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "diceknobs.com"] [uri "/.git/config"] [unique_id "aidv0qFOhflQ0NJXhB1a3QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
MAGIC
2026-06-09 01:27:00
(3 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-09 00:51:07
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 20:51:00.329680 2026] [security2:error] [pid 29639:tid 29639] [client 34.38.204.209:58518] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onlyincanada-eh.com"] [uri "/.git/config"] [unique_id "aidjdEb1_2aVrt_wWvTwXQAAAEY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-06-08 22:09:06
(3 weeks ago)
Auto-ban: >3000 req/min op 2026-06-08
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-06-08 19:43:16
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.38.204.209 (209.204.38.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 15:43:08.286595 2026] [security2:error] [pid 19692:tid 19692] [client 34.38.204.209:56876] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "limosnapa.com"] [uri "/.git/config"] [unique_id "aicbTJk4YXJjm95q3tUwsAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
IVski
2026-06-08 19:42:11
(3 weeks ago)
IVski WAF | Sensitive file probe detected - looking for .git
Port Scan
Brute-Force
Web App Attack