๐จ๐ญ
TheCoon
2026-05-31 18:15:01
(1 month ago)
Automated: Credential theft attempt - JSON bomb served
Web App Attack
Hacking
๐น๐ผ
ip4.tw
2026-05-28 00:45:01
(1 month ago)
Malicious web scan
Hacking
Web App Attack
๐ซ๐ท
masterguru
2026-05-27 07:29:10
(1 month ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.197.185.215 (AU/Australia/215.185. ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.197.185.215 (AU/Australia/215.185.197.35.bc.googleusercontent.com): 1 in the last 3600 secs (0-197)
show less
Hacking
๐น๐ท
Detmach
2026-05-27 07:11:54
(1 month ago)
Security attack detected. Multiple failed attempts from 35.197.185.215. IP banned for 1440 minutes a ...
show more
Security attack detected. Multiple failed attempts from 35.197.185.215. IP banned for 1440 minutes at 27.05.2026 10:11:50. Failed attempts: 1
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-27 07:08:07
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.197.185.215 (215.185.197.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 35.197.185.215 (215.185.197.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 03:08:02.309771 2026] [security2:error] [pid 11807:tid 11807] [client 35.197.185.215:49830] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.holisticbx.com"] [uri "/.git/config"] [unique_id "ahaYUnpwVzunO4V1zpAigwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 05:21:29
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.197.185.215 (215.185.197.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 35.197.185.215 (215.185.197.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 01:21:23.646291 2026] [security2:error] [pid 1478:tid 1478] [client 35.197.185.215:46574] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.rjdyckarchitect.com"] [uri "/.git/config"] [unique_id "ahZ_U2YF_tPmEjjcHfDU8QAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 04:54:51
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.197.185.215 (215.185.197.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 35.197.185.215 (215.185.197.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 00:54:47.727231 2026] [security2:error] [pid 27643:tid 27659] [client 35.197.185.215:55922] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aisapy.com"] [uri "/.git/config"] [unique_id "ahZ5FyWp2LhZNyYDlS3iFQAAAEQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
NXTwoThou
2026-05-27 04:27:19
(1 month ago)
/.git/config
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 04:23:31
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.197.185.215 (215.185.197.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 35.197.185.215 (215.185.197.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 00:23:27.334128 2026] [security2:error] [pid 8900:tid 8900] [client 35.197.185.215:58176] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lahaciendaolivia.com"] [uri "/.git/config"] [unique_id "ahZxv4OX4UPZds4097b_MgAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ParaBug
2026-05-27 04:16:23
(1 month ago)
35.197.185.215 - - [27/May/2026:06:16:22 +0200] "GET /.git/config HTTP/1.1" 301 3110 "-" "facebooksc ...
show more
35.197.185.215 - - [27/May/2026:06:16:22 +0200] "GET /.git/config HTTP/1.1" 301 3110 "-" "facebookscraper/1.0( http://www.facebook.com/sharescraper_help.php)"
...
show less
Phishing
Brute-Force
Web App Attack
๐ฉ๐ช
Bedios GmbH
2026-05-27 03:05:22
(1 month ago)
Login credentials theft attempt
Hacking
๐บ๐ธ
Actors.Bible
2026-05-27 00:53:45
(1 month ago)
Webapp Vulnerability Probing:
GET /.git/config
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-26 23:56:45
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.197.185.215 (215.185.197.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 35.197.185.215 (215.185.197.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 19:56:41.371283 2026] [security2:error] [pid 12612:tid 12612] [client 35.197.185.215:35898] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.deniz-bilgisayar.com"] [uri "/.git/config"] [unique_id "ahYzOVSae8fm8KAIt4B_bwAAAGs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Blexyel
2026-05-26 23:28:49
(1 month ago)
35.197.185.215 - - [27/May/2026:01:28:48 +0200] "GET /.git/config HTTP/1.1" 200 265 "-" "Mozilla/5.0 ...
show more
35.197.185.215 - - [27/May/2026:01:28:48 +0200] "GET /.git/config HTTP/1.1" 200 265 "-" "Mozilla/5.0 (Linux; Android 8.1.0; GM 6 d) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" "pingusmc.org"
...
show less
Brute-Force
Web App Attack
๐ง๐ช
Saec
2026-05-26 23:21:53
(1 month ago)
Jarvis auto-ban: CF honeypot path /.git/config (1ร on saec.me)
Port Scan
Web App Attack