Anonymous
2026-07-08 19:07:15
(4 hours ago)
Trying to access config files
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-07 21:59:32
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-06.
show less
Web App Attack
SSH
Hacking
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-07 04:08:02
(1 day ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,mx02]
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-07 01:09:01
(1 day ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [mx03,wa01,wa02]
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 23:49:03
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 34.87.10.248 (248.10.87.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.87.10.248 (248.10.87.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 19:48:55.690391 2026] [security2:error] [pid 6522:tid 6522] [client 34.87.10.248:54756] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teaforfrances.com.cygnetsilks.com"] [uri "/.git/config"] [unique_id "akw-54w4wS7XsHIjgSo62gAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xxkodedxx
2026-07-06 23:48:30
(2 days ago)
[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost)
Trigger: 1ร edge-block in 10 ...
show more
[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost)
Trigger: 1ร edge-block in 10m window.
Origin: SG / AS396982 Google LLC
Active: 23:47:41 UTC
Volume: 1 HTTP req
Probed: /.git/config
Status mix: 444ร1
Vhost fishing: teachme.ztx-lab.com
Auto-banned 30d. zorvexus-banner.
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
ambor
2026-07-06 23:25:54
(2 days ago)
Honeypot triggered on tcpdata.com - Attempted to access /.git/config (git_probe). User-Agent: Unknow ...
show more
Honeypot triggered on tcpdata.com - Attempted to access /.git/config (git_probe). User-Agent: Unknown
show less
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-07-06 23:13:07
(2 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
Anonymous
2026-07-06 23:07:03
(2 days ago)
Automated web scanner. Requested suspicious paths: /.git/config. UTC: 2026-07-06 22:23:45.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 23:06:05
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 34.87.10.248 (248.10.87.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.87.10.248 (248.10.87.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 19:06:00.184766 2026] [security2:error] [pid 12782:tid 12782] [client 34.87.10.248:43124] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tbnkardesler.com"] [uri "/.git/config"] [unique_id "akw02DNmLmX9jogdJo6-fQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-06 23:06:04
(2 days ago)
Trying to access config files
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-06 22:57:07
(2 days ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-06 22:40:52
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 34.87.10.248 (248.10.87.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.87.10.248 (248.10.87.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 18:40:46.554062 2026] [security2:error] [pid 7143:tid 7143] [client 34.87.10.248:44652] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "taxgroupsd.com"] [uri "/.git/config"] [unique_id "akwu7leIxVdx6vSa-aqZmAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
TheCoon
2026-07-06 22:15:01
(2 days ago)
Automated: Credential theft attempt - JSON bomb served
Web App Attack
Hacking
๐บ๐ธ
Charlesiv
2026-07-06 22:13:26
(2 days ago)
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: BLOCK
ASN: 396982 (Google LLC)
Prot ...
show more
Triggered Cloudflare WAF (firewallCustom) from SG.
Action taken: BLOCK
ASN: 396982 (Google LLC)
Protocol: HTTP/1.1 (GET method)
Endpoint: /.git/config
Timestamp: 2026-07-06T22:11:18Z
Ray ID: a171f1cb7e54fdb3
UA: Empty string
show less
Bad Web Bot