π³π±
Mangelot Hosting
2026-06-15 09:30:28
(3 days ago)
(modsecurity) srv201 ModSecurity 34.47.119.25 (KR/South Korea/25.119.47.34.bc.googleusercontent.com) ...
show more
(modsecurity) srv201 ModSecurity 34.47.119.25 (KR/South Korea/25.119.47.34.bc.googleusercontent.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-15 09:27:53
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.47.119.25 (25.119.47.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.47.119.25 (25.119.47.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:27:47.307072 2026] [security2:error] [pid 12989:tid 12989] [client 34.47.119.25:53464] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.amazingmachining.amazinghydraulics.com"] [uri "/src/.git/config"] [unique_id "ai_FkwiGdxIAZozpqjTasQAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-15 08:56:48
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.47.119.25 (25.119.47.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.47.119.25 (25.119.47.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 04:56:44.386164 2026] [security2:error] [pid 19371:tid 19371] [client 34.47.119.25:46492] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "onlinesuretybonds.com"] [uri "/src/.git/config"] [unique_id "ai--TMtXc-k1hOYd1bEbDwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
wteiken
2026-06-15 08:02:12
(3 days ago)
2026-06-15T04:02:11.885996-04:00 rocinante.teiken.net kernel: [1440086.321986] syn_limit:IN=ens5 OUT ...
show more
2026-06-15T04:02:11.885996-04:00 rocinante.teiken.net kernel: [1440086.321986] syn_limit:IN=ens5 OUT= MAC=0a:ff:cf:a1:a5:bb:0a:f3:ae:05:2f:b7:08:00 SRC=34.47.119.25 DST=192.168.16.119 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=26432 DF PROTO=TCP SPT=35126 DPT=443 WINDOW=65320 RES=0x00 SYN URGP=0
2026-06-15T04:02:11.948768-04:00 rocinante.teiken.net kernel: [1440086.384761] syn_limit:IN=ens5 OUT= MAC=0a:ff:cf:a1:a5:bb:0a:f3:ae:05:2f:b7:08:00 SRC=34.47.119.25 DST=192.168.16.119 LEN=60 TOS=0x00 PREC=0x60 TTL=58 ID=31440 DF PROTO=TCP SPT=35134 DPT=443 WINDOW=65320 RES=0x00 SYN URGP=0
2026-06-15T04:02:11.964078-04:00 rocinante.teiken.net kernel: [1440086.400077] syn_limit:IN=ens5 OUT= MAC=0a:ff:cf:a1:a5:bb:0a:f3:ae:05:2f:b7:08:00 SRC=34.47.119.25 DST=192.168.16.119 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=54089 DF PROTO=TCP SPT=35136 DPT=443 WINDOW=65320 RES=0x00 SYN URGP=0
2026-06-15T04:02:11.998684-04:00 rocinante.teiken.net kernel: [1440086.434687] syn_limit:IN=ens5 OUT= MAC=0a:ff:cf:a1:a5:bb:0a:
...
show less
Port Scan
π³πΏ
Antinson
2026-06-15 07:54:56
(3 days ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-15 04:27:22
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.47.119.25 (25.119.47.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.47.119.25 (25.119.47.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:27:16.384439 2026] [security2:error] [pid 30826:tid 30826] [client 34.47.119.25:42424] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dpcfab.com"] [uri "/.git/config"] [unique_id "ai9_JIdva4huuJuz2F2wZQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
WellSpring
2026-06-15 04:08:59
(3 days ago)
git exposure on 480.today/dist/.git/config β WellSpr.ing/NetSentinel civic-AI security layer
Web App Attack
π«π·
masterguru
2026-06-15 04:06:26
(3 days ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
π³π±
wlt-blocker
2026-06-15 02:09:46
(3 days ago)
Unauthorized access to webpage admin
Web App Attack
πΊπΈ
Matthew Ping
2026-06-15 01:15:23
(3 days ago)
ModSecurity rule 949110 triggered on wp2. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
π¬π§
andypiper
2026-06-15 01:02:19
(3 days ago)
CrowdSec ban for AbuseIPDB Top List
Brute-Force
Web App Attack
π¬π§
consul.to
2026-06-15 00:23:12
(3 days ago)
Web attack/malicious scanning detected
Web App Attack
π«π·
β¨
2026-06-15 00:13:11
(3 days ago)
Domain : sherwoods.uk.com
Rule : config
2026-06-15 00:12:05 ***hidden-privacy*** GET /backend/.git/c ...
show more
Domain : sherwoods.uk.com
Rule : config
2026-06-15 00:12:05 ***hidden-privacy*** GET /backend/.git/config - 443 - 34.47.119.25 HTTP/1.1 Mozilla/5.0 (iPad; CPU OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5362a Safari/604.1 - sherwoods.uk.com 404 8 0 1517 268 256 - -
show less
Hacking
SQL Injection
πΊπΈ
TPI-Abuse
2026-06-15 00:12:25
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 34.47.119.25 (25.119.47.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.47.119.25 (25.119.47.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:12:19.342904 2026] [security2:error] [pid 27715:tid 27715] [client 34.47.119.25:44488] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.brbcash.com.bamedica.com"] [uri "/dashboard/.git/config"] [unique_id "ai9DY7sYG7gE_-LJMvO9GgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
gnom4ik
2026-06-15 00:12:17
(3 days ago)
ban-reviewer auto report; ip=34.47.119.25; scenario=crowdsecurity/http-probing; scenario_context=cro ...
show more
ban-reviewer auto report; ip=34.47.119.25; scenario=crowdsecurity/http-probing; scenario_context=crowdsecurity/http-probing,crowdsecurity/http-sensitive-files; verdict=valid_ban; confidence=0.92; categories=21; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high
show less
Web App Attack