Anonymous
2026-07-08 19:07:20
(55 minutes ago)
Trying to access config files
Web App Attack
π¬π§
thetomtaylor.co.uk
2026-07-07 21:09:02
(22 hours ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,mx01,mx02,m ...
show more
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,mx01,mx02,mx03]
show less
Bad Web Bot
Web App Attack
πΊπΈ
Charlesiv
2026-07-07 20:04:30
(23 hours ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
ASN: 396982 (Google LLC)
Prot ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
ASN: 396982 (Google LLC)
Protocol: HTTP/1.1 (GET method)
Endpoint: /.git/config
Timestamp: 2026-07-07T18:26:33Z
Ray ID: a178e5eed9bd0ea2
UA: Empty string
show less
Bad Web Bot
π¬π§
thetomtaylor.co.uk
2026-07-07 19:07:02
(1 day ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01,wa02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
π³π±
wlt-blocker
2026-07-07 18:21:04
(1 day ago)
Unauthorized access to webpage admin
Web App Attack
π©πͺ
Kreapptivo
2026-07-07 18:15:00
(1 day ago)
[07/Jul/2026:20:14:57 +0200] Web-Request: "GET /.git/config", User-Agent: "-"
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 18:12:52
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 34.68.129.75 (75.129.68.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.68.129.75 (75.129.68.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 14:12:44.361997 2026] [security2:error] [pid 3517:tid 3589] [client 34.68.129.75:33824] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toniskitchenlakegregory.com"] [uri "/.git/config"] [unique_id "ak1BnGF67--Lerg1X_gihAAAAQk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 17:45:51
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 34.68.129.75 (75.129.68.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.68.129.75 (75.129.68.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:45:47.177998 2026] [security2:error] [pid 18538:tid 18538] [client 34.68.129.75:34452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tomartsmedia.org"] [uri "/.git/config"] [unique_id "ak07SwGPDdhQ2KaLHVXpxgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 17:23:25
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 34.68.129.75 (75.129.68.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.68.129.75 (75.129.68.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:23:22.569723 2026] [security2:error] [pid 11181:tid 11181] [client 34.68.129.75:50474] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "togo.scala-global.com"] [uri "/.git/config"] [unique_id "ak02CrT_NP2iuq_VtSNLJAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
consul.to
2026-07-07 17:16:50
(1 day ago)
Web attack/malicious scanning detected
Web App Attack
Anonymous
2026-07-07 17:06:05
(1 day ago)
Trying to access config files
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 17:06:03
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 34.68.129.75 (75.129.68.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.68.129.75 (75.129.68.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:05:59.581944 2026] [security2:error] [pid 2744:tid 2744] [client 34.68.129.75:45418] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tobyscott.vccemail.net"] [uri "/.git/config"] [unique_id "ak0x9xFthWl-0BE4ac--HAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
JustMeHere
2026-07-07 17:00:42
(1 day ago)
[Tue Jul 07 13:00:38.377041 2026] [security2:error] [pid 23873:tid 23922] [client 34.68.129.75:38642 ...
show more
[Tue Jul 07 13:00:38.377041 2026] [security2:error] [pid 23873:tid 23922] [client 34.68.129.75:38642] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.15.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "toastdev.yorknation.com"] [uri "/.git/config"] [unique_id "ak0wtlO_HA33Q_6FCEK_8wAAANU"]
...
show less
Web App Attack
πΊπΈ
Matthew Ping
2026-07-07 17:00:02
(1 day ago)
ModSecurity rule 949110 triggered on wp2. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
πΊπΈ
TPI-Abuse
2026-07-07 16:50:43
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 34.68.129.75 (75.129.68.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.68.129.75 (75.129.68.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 12:50:39.768111 2026] [security2:error] [pid 1070:tid 1075] [client 34.68.129.75:44640] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tnccivic.org"] [uri "/.git/config"] [unique_id "ak0uXx7B0EIeHxTzWg1A2wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack