๐ณ๐ฑ
homeshowdomain.nl
2026-07-03 22:01:39
(1 week ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-02.
show less
Web App Attack
SSH
Hacking
๐ซ๐ท
Baking333
2026-07-02 22:41:49
(1 week ago)
[redacted] 35.185.141.157 - - [02/Jul/2026:23:41:47 +0100] "GET /.git/config HTTP/1.1" 302 6788 0/48 ...
show more
[redacted] 35.185.141.157 - - [02/Jul/2026:23:41:47 +0100] "GET /.git/config HTTP/1.1" 302 6788 0/48194 "-" "-" [redacted] 35.185.141.157 - - [02/Jul/2026:23:41:47 +0100] "GET /.git/config HTTP/1.1" 302 6783 0/60313 "-" "-"
show less
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-07-02 22:33:17
(1 week ago)
Triggered Cloudflare WAF (firewallManaged) from TW.
Action taken: LOG
Protocol: HTTP/1.1 (GET method ...
show more
Triggered Cloudflare WAF (firewallManaged) from TW.
Action taken: LOG
Protocol: HTTP/1.1 (GET method)
Endpoint: /.git/config
UA: Empty string
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-02 22:31:28
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 35.185.141.157 (157.141.185.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 35.185.141.157 (157.141.185.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 18:31:21.594235 2026] [security2:error] [pid 19162:tid 19162] [client 35.185.141.157:58452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kingstoneproperties.sendalawyerletter.com"] [uri "/.git/config"] [unique_id "akbmuSZMv6D7hdJlq38w2gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ด
jad-abuse
2026-07-02 22:23:58
(1 week ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_expos ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_exposure. Observed by 1 sensor(s); 2 hits.
show less
Web App Attack
๐ฉ๐ช
KiekerJan
2026-07-02 22:20:51
(1 week ago)
35.185.141.157 - - [02/Jul/2026:21:16:14 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "-"
35.185.1 ...
show more
35.185.141.157 - - [02/Jul/2026:21:16:14 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "-"
35.185.141.157 - - [03/Jul/2026:00:20:50 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "-"
...
show less
Web App Attack
๐ฉ๐ช
sdos.es
2026-07-02 22:07:31
(1 week ago)
"Restricted File Access Attempt - Matched Data: /.git/ found within REQUEST_FILENAME: /.git/config"
Web App Attack
๐ฉ๐ช
ketovoila.pl
2026-07-02 22:07:07
(1 week ago)
ketovoila.pl web app secret/repository scan: hits=1; unique_paths=1; sample_paths=/.git/config; UA=" ...
show more
ketovoila.pl web app secret/repository scan: hits=1; unique_paths=1; sample_paths=/.git/config; UA=""; window=2026-07-02T22:07:07Z..2026-07-02T22:07:07Z
show less
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-02 22:00:49
(1 week ago)
Auto-ban: >3000 req/min op 2026-07-02
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-02 21:57:35
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 35.185.141.157 (157.141.185.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 35.185.141.157 (157.141.185.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 17:57:31.676484 2026] [security2:error] [pid 13166:tid 13166] [client 35.185.141.157:48498] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kellerdrywall.ca.kildarafarms.com"] [uri "/.git/config"] [unique_id "akbey0E-G65QVuHpM5mmaQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-02 21:55:32
(1 week ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 35.185.141.157 (TW/Taiwan/157.141.1 ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 35.185.141.157 (TW/Taiwan/157.141.185.35.bc.googleusercontent.com): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 21:30:04
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 35.185.141.157 (157.141.185.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 35.185.141.157 (157.141.185.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 17:29:59.992393 2026] [security2:error] [pid 15193:tid 15193] [client 35.185.141.157:35294] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kaplankrew.royal-barbershop.com"] [uri "/.git/config"] [unique_id "akbYV_V8vFH0pMkmM2tG2wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-02 21:25:15
(1 week ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ท๐ด
INTEQ
2026-07-02 21:19:10
(1 week ago)
Web attack from 35.185.141.157
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-02 21:16:04
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12
Exploited Host
Web App Attack