๐ณ๐ฑ
Site.eu
2026-06-27 05:59:40
(6 days ago)
Excessive multi-domain requests
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-26 00:49:14
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 34.101.164.108 (108.164.101.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 34.101.164.108 (108.164.101.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 20:49:11.841929 2026] [security2:error] [pid 10081:tid 10081] [client 34.101.164.108:43038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gmsdigita.com"] [uri "/src/.env.backup"] [unique_id "aj3Mh0lUODcLjkf_ROa3CQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2026-06-26 00:43:20
(1 week ago)
20 attempts against mh_ha-misbehave-ban on pf102930
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Cloud86 B.V.
2026-06-25 23:13:05
(1 week ago)
categories: DDoS Attack
DDoS Attack
๐ฉ๐ช
MarKup
2026-06-15 02:21:19
(2 weeks ago)
Multiple invalid 404 HTTP requests - Fail2Ban
Hacking
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-14 21:55:46
(2 weeks ago)
Excessive multi-domain requests
Brute-Force
Anonymous
2026-06-14 18:49:48
(2 weeks ago)
T: f2b 404 5x
Web App Attack
๐ณ๐ฑ
tmiland
2026-06-14 07:44:32
(2 weeks ago)
(nginx_404s) Nginx Security rule triggered from 34.101.164.108 (ID/Indonesia/108.164.101.34.bc.googl ...
show more
(nginx_404s) Nginx Security rule triggered from 34.101.164.108 (ID/Indonesia/108.164.101.34.bc.googleusercontent.com): 50 in the last 3600 secs; IP: 34.101.164.108; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026/06/14 09:44:26 [error] 1820616#1820616: *45756 open() "/home/tmiland/public_html/google-credentials.json" failed (2: No such file or directory), client: 34.101.164.108, server: *.*, request: "GET /google-credentials.json HTTP/1.1", host: "www.*.*" 2026/06/14 09:44:26 [error] 1820616#1820616: *45757 open() "/home/tmiland/public_html/gcp-credentials.json" failed (2: No such file or directory), client: 34.101.164.108, server: *.*, request: "GET /gcp-credentials.json HTTP/1.1", host: "www.*.*" 2026/06/14 09:44:26 [error] 1820617#1820617: *45758 open() "/home/tmiland/public_html/serviceaccount.json" failed (2: No such file or directory), client: 34.101.164.108, server: *.*, request: "GET /serviceaccount.json HTTP/1.1", host: "www.*.*" 2026/06/14 09:44:26 [error] 1820617#1820617: *45766 o
show less
Brute-Force
๐ฉ๐ช
updown.io
2026-06-14 05:16:34
(2 weeks ago)
{"level":"info","ts":1781414191.4888623,"logger":"http.log.access.log1","msg":"handled request","req ...
show more
{"level":"info","ts":1781414191.4888623,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.101.164.108","remote_port":"56568","client_ip":"34.101.164.108","proto":"HTTP/1.1","method":"GET","host":"status.hecdev.net","uri":"/configprops","headers":{"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (BlackBerry; U; BlackBerry 9930; en-US) AppleWebKit/534.11+ (KHTML, like Gecko) Version/7.1.0.267 Mobile Safari/534.11+"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.hecdev.net","ech":false}},"bytes_read":0,"user_id":"","duration":0.000617489,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}}
{"level":"info","ts":1781414191.5306065,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.101.164.108","remote_port":"56572","client_ip":"34.101.164.108","proto":"HTTP/1.1","me
...
show less
DDoS Attack
Web App Attack
๐ง๐ท
Halux
2026-06-14 04:55:27
(2 weeks ago)
34.101.164.108 Probing protected path or service
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 03:45:06
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 34.101.164.108 (108.164.101.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:210730) triggered by 34.101.164.108 (108.164.101.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 23:45:01.262868 2026] [security2:error] [pid 8066:tid 8066] [client 34.101.164.108:60212] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||tribalpacifica.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tribalpacifica.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai4jvWzs3yUhUoOVtnlPagAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Octopuce
2026-06-14 03:18:25
(2 weeks ago)
Aggressive web search of vulnerable pages: /secrets/azure.json /infrastructure/docker-compose.yml /s ...
show more
Aggressive web search of vulnerable pages: /secrets/azure.json /infrastructure/docker-compose.yml /secrets/aws.json /deploy/docker-compose.yml ...
show less
Web App Attack
๐ฉ๐ช
EGP Abuse Dept
2026-06-14 03:18:04
(2 weeks ago)
Scanning for web/db/file exploits on www.gerardmetselaar.nl
SQL Injection
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-14 02:06:33
(2 weeks ago)
Too many Status 40X (22)
Scanning/Probing (67)
Request Overload (433)
Brute-Force
Web App Attack
๐ณ๐ฑ
0xffffffff
2026-06-13 23:05:32
(2 weeks ago)
[2026-06-14 02:05:30.028926] [authz_core:error] [pid 350561:tid 136824412423872] [client 34.101.164. ...
show more
[2026-06-14 02:05:30.028926] [authz_core:error] [pid 350561:tid 136824412423872] [client 34.101.164.108:50464] AH01630: client denied by server configuration: /var/www/*/dump , error_notes:wrong-host , URI:'/dump'
[2026-06-14 02:05:30.036283] [authz_core:error] [pid 350562:tid 136825138833088] [client 34.101.164.108:50506] AH01630: client denied by server configuration: /var/www/*/internal , error_notes:wrong-host , URI:'/internal/actuator/env'
[2026-06-14 02:05:30.041087] [authz_core:error] [pid 350562:tid 136824437601984] [client 34.101.164.108:50492] AH01630: client denied by server configuration: /var/www/*/app , error_notes:wrong-host , URI:'/app/actuator/heapdump'
[2026-06-14 02:05:30.042636] [authz_core:error] [pid 350562:tid 136825122047680] [client 34.101.164.108:50544] AH01630: client denied by server configuration: /var/www/*/actuator , error_notes:wrong-host , URI:'/actuator/heapdump'
[2026-06-14 02:05:30.043736] [authz_core:error] [pid 350562:tid 136825033189056] [client 34.101.164.108:50478] AH0
show less
Web App Attack
Bad Web Bot