π³π±
homeshowdomain.nl
2026-06-14 22:00:15
(1 week ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-13.
show less
Web App Attack
SSH
Hacking
π³π±
homeshowdomain.nl
2026-06-13 22:03:11
(1 week ago)
Auto-ban: >3000 req/min op 2026-06-13
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-06-13 16:30:37
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 12:30:33.001718 2026] [security2:error] [pid 7391:tid 7391] [client 34.40.211.65:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.caspina.com"] [uri "/.git/config"] [unique_id "ai2FqNxiglCRCLS4jwvovQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-13 13:13:52
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 09:13:47.472982 2026] [security2:error] [pid 11893:tid 11893] [client 34.40.211.65:57252] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "xygil.com"] [uri "/.git/config"] [unique_id "ai1Xi4bZFZ5aUZIFP8erDAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-13 11:38:02
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 07:37:55.914302 2026] [security2:error] [pid 6152:tid 6152] [client 34.40.211.65:56604] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.holtzheimer.buynorthwest.com"] [uri "/.git/config"] [unique_id "ai1BE9qCxiH2uc1BQhbl8AAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-06-13 11:37:59
(1 week ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.40.211.65 (AU/Australia/65.211.40. ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 34.40.211.65 (AU/Australia/65.211.40.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195)
show less
Hacking
π¨π
TheCoon
2026-06-13 11:00:01
(1 week ago)
Automated: Credential theft attempt - JSON bomb served
Web App Attack
Hacking
π©πͺ
Blexyel
2026-06-13 10:41:00
(1 week ago)
34.40.211.65 - - [13/Jun/2026:12:40:59 +0200] "GET /.git/config HTTP/1.1" 404 435 "-" "Opera/9.80 (A ...
show more
34.40.211.65 - - [13/Jun/2026:12:40:59 +0200] "GET /.git/config HTTP/1.1" 404 435 "-" "Opera/9.80 (Android; Opera Mini/7.5.33361/31.1543; U; en) Presto/2.8.119 Version/11.1010" "share.fomx.gay"
...
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-13 09:32:18
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 05:32:12.377868 2026] [security2:error] [pid 24248:tid 24248] [client 34.40.211.65:39058] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "torresyrellenos.com.disenowebprofesional.com"] [uri "/.git/config"] [unique_id "ai0jnIQm4wc2ktI8RRBLDwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-06-13 09:07:32
(1 week ago)
Abuse Detected (1)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-13 08:54:13
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:54:07.191909 2026] [security2:error] [pid 27897:tid 27897] [client 34.40.211.65:43624] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.woahmanatee.robertmcatee.com"] [uri "/.git/config"] [unique_id "ai0ar-HZFghs6CDL2cbUIgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³πΏ
Antinson
2026-06-13 08:45:41
(1 week ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot
2026-06-13 08:05:01
(1 week ago)
suspicious request in access.log
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-13 07:58:07
(1 week ago)
(mod_security) mod_security (id:949110) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:949110) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 03:58:00.828362 2026] [security2:error] [pid 11025:tid 11025] [client 34.40.211.65:34772] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "jonathanscreations.com"] [uri "/.git/config"] [unique_id "ai0NiIt62kVH1KyQ--mvfAAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-13 07:37:13
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.40.211.65 (65.211.40.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 03:37:07.796436 2026] [security2:error] [pid 9008:tid 9008] [client 34.40.211.65:33336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "natesupport.com"] [uri "/.git/config"] [unique_id "ai0IoyQnxH4s-dzwwAaBlAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack