π·πΊ
DZBOT
2026-06-11 00:20:34
(2 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
π©πͺ
FeG Deutschland
2026-06-10 19:28:05
(2 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack
π³π±
wlt-blocker
2026-06-10 11:56:34
(2 weeks ago)
Unauthorized access to webpage admin
Web App Attack
π«π·
masterguru
2026-06-10 02:05:50
(2 weeks ago)
Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-201)
Hacking
π³π±
homeshowdomain.nl
2026-06-09 21:59:11
(2 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-08.
show less
Web App Attack
SSH
Hacking
π«π·
masterguru
2026-06-09 01:17:45
(2 weeks ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 34.107.35.19 (DE/Germany/19.35.107.34.bc.googl ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 34.107.35.19 (DE/Germany/19.35.107.34.bc.googleusercontent.com): 1 in the last 3600 secs (0-195)
show less
Hacking
πΊπΈ
TPI-Abuse
2026-06-08 20:49:58
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 16:49:54.413944 2026] [security2:error] [pid 11190:tid 11190] [client 34.107.35.19:37952] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "canonflorida.com"] [uri "/.git/config"] [unique_id "aicq8sHp-Vd6n5lgwdos8wAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 18:39:40
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 14:39:32.670469 2026] [security2:error] [pid 8549:tid 8572] [client 34.107.35.19:58766] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "financialcertified.com"] [uri "/.git/config"] [unique_id "aicMZGTpaK0cPP_ZcLgXyQAAAFQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 14:18:36
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 10:18:31.866546 2026] [security2:error] [pid 29734:tid 29734] [client 34.107.35.19:40182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peterndudar.com"] [uri "/.git/config"] [unique_id "aibPNwkZYtVkkKQMsaUy3AAAAE0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 12:49:54
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:49:47.863932 2026] [security2:error] [pid 23349:tid 23349] [client 34.107.35.19:54616] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.calvetparis1937.marcelacalvet.com"] [uri "/.git/config"] [unique_id "aia6a88A9X75gGpeiT2kOAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 12:25:24
(2 weeks ago)
(mod_security) mod_security (id:949110) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:949110) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:25:20.448832 2026] [security2:error] [pid 8306:tid 8306] [client 34.107.35.19:47356] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "cwbaz.com.maricotippett.com"] [uri "/.git/config"] [unique_id "aia0sI16vTas2pSDO32A9wAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 11:21:34
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 07:21:31.203354 2026] [security2:error] [pid 11251:tid 11251] [client 34.107.35.19:43108] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "liyatalton.com"] [uri "/.git/config"] [unique_id "aialu6NHUsIDJtNuS4c6kQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 10:58:56
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:58:49.677923 2026] [security2:error] [pid 26374:tid 26374] [client 34.107.35.19:60704] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rememberingjohnhanson.coolingsprings.org"] [uri "/.git/config"] [unique_id "aiagaSc722walhYs1y2-7wAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
4server
2026-06-08 10:33:15
(2 weeks ago)
[MonJun0812:33:11.7013192026][security2:error][pid1074686:tid1074763][client34.107.35.19:0]ModSecuri ...
show more
[MonJun0812:33:11.7013192026][security2:error][pid1074686:tid1074763][client34.107.35.19:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:10\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"autodiscover.cst-ranghetti.ch\"][uri\"/.git/config\"][unique_id\"aiaaZ0flGIiGEdWAXrrdmQAAAIQ\"]
show less
Port Scan
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 10:22:32
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.107.35.19 (19.35.107.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:22:26.981307 2026] [security2:error] [pid 18002:tid 18002] [client 34.107.35.19:35890] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bodyworkbydallas.com"] [uri "/.git/config"] [unique_id "aiaX4oxQQkxZc2W_etbUWQAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack