π³π±
homeshowdomain.nl
2026-06-09 21:59:37
(1 week ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08.
show less
Web App Attack
SSH
Hacking
π¦πΊ
paulshipley.com.au
2026-06-09 14:34:56
(1 week ago)
[Wed Jun 10 00:34:55.848883 2026] [security2:error] [pid 268954] [client 35.253.48.191:44688] [clien ...
show more
[Wed Jun 10 00:34:55.848883 2026] [security2:error] [pid 268954] [client 35.253.48.191:44688] [client 35.253.48.191] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "embodiment.mareeshefford.com"] [uri "/.git/config"] [unique_id "aigkjx5vNc6Bhs9SC60zjAAAAAw"]
...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 13:45:59
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 09:45:53.920663 2026] [security2:error] [pid 18650:tid 18650] [client 35.253.48.191:44426] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.test.surviquo.com"] [uri "/.git/config"] [unique_id "aigZEQhFTTHAm_Epixx6qgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-06-09 12:36:48
(1 week ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.253.48.191 (US/United States/191.4 ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 35.253.48.191 (US/United States/191.48.253.35.bc.googleusercontent.com): 1 in the last 3600 secs (0-195)
show less
Hacking
π©πͺ
4server
2026-06-09 12:18:22
(1 week ago)
[TueJun0914:18:18.9650232026][security2:error][pid2886917:tid2886957][client35.253.48.191:0]ModSecur ...
show more
[TueJun0914:18:18.9650232026][security2:error][pid2886917:tid2886957][client35.253.48.191:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.maxay.ch.136-243-54-122.cpanel.site\"][uri\"/.git/config\"][unique_id\"aigEii9Lwmu-HZzEi5rsiwAAAAs\"]
show less
Port Scan
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 11:36:46
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:36:39.940444 2026] [security2:error] [pid 5194:tid 5194] [client 35.253.48.191:51816] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.perlcreative.com"] [uri "/.git/config"] [unique_id "aif6x3_m4dOJu-uMjafxxQAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 11:09:36
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:09:29.962210 2026] [security2:error] [pid 21320:tid 21320] [client 35.253.48.191:57612] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.register-yacht-st-kitts-and-nevis.com"] [uri "/.git/config"] [unique_id "aif0aeWMxdMPyjL99WxcPwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
wlt-blocker
2026-06-09 10:54:40
(1 week ago)
Unauthorized access to webpage admin
Web App Attack
π«π·
rellik
2026-06-09 06:43:00
(1 week ago)
Scanning Critical Directory
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 06:17:17
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:17:11.219101 2026] [security2:error] [pid 10766:tid 10766] [client 35.253.48.191:34874] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darrenj.com"] [uri "/.git/config"] [unique_id "aiev5yRGRDB4esGrb1nrmgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³πΏ
Antinson
2026-06-09 05:21:19
(1 week ago)
Scraping with a high error ratio and request rate
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-09 04:53:12
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 00:53:09.778160 2026] [security2:error] [pid 23492:tid 23492] [client 35.253.48.191:57758] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alarmnummer.com"] [uri "/.git/config"] [unique_id "aiecNYLH6wNcy0Q-8eBOzgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 04:31:59
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 00:31:52.627896 2026] [security2:error] [pid 2532:tid 2532] [client 35.253.48.191:36128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "muzenique.com"] [uri "/.git/config"] [unique_id "aieXODHM9Z9kI_nQnHHEAQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 03:53:18
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.253.48.191 (191.48.253.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 23:53:10.450366 2026] [security2:error] [pid 2430:tid 2430] [client 35.253.48.191:35976] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "austli.com"] [uri "/.git/config"] [unique_id "aieOJliT6JFe-mDhBRfh1gAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
4server
2026-06-09 03:34:09
(1 week ago)
[TueJun0905:34:01.8103602026][security2:error][pid3293739:tid3293995][client35.253.48.191:0]ModSecur ...
show more
[TueJun0905:34:01.8103602026][security2:error][pid3293739:tid3293995][client35.253.48.191:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"urbani.ch\"][uri\"/.git/config\"][unique_id\"aieJqbzIsrdPrS--bKxb5gAAAIw\"]
show less
Hacking
Web App Attack