๐ณ๐ฑ
Savvii
2026-06-26 02:26:15
(2 weeks ago)
20 attempts against mh-misbehave-ban on frost
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 01:15:56
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 34.125.50.43 (43.50.125.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.125.50.43 (43.50.125.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 21:15:52.637845 2026] [security2:error] [pid 19832:tid 19832] [client 34.125.50.43:47046] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ngm.office-on-the.net.anthonyanimalclinic.net"] [uri "/app/.env.staging"] [unique_id "aj3SyM7NapL475bc7NkL-AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-26 00:51:04
(2 weeks ago)
Try to access /api/v1/.env
Web App Attack
๐ณ๐ฑ
taivas.nl
2026-06-25 18:30:05
(2 weeks ago)
web_app_attack
Email Spam
๐ฌ๐ง
Yosi
2026-06-25 17:59:41
(2 weeks ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
๐ฌ๐ง
markawes
2026-06-25 17:35:16
(2 weeks ago)
[SynFast] Auto banned by Fail2Ban. Reason: Web vulnerability scan detected. Evidence:
34.125.50.43 ...
show more
[SynFast] Auto banned by Fail2Ban. Reason: Web vulnerability scan detected. Evidence:
34.125.50.43 - - [25/Jun/2026:17:35:14 +0000] "GET /.env.save HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36 OPR/58.0.3135.107"
34.125.50.43 - - [25/Jun/2026:17:35:14 +0000] "GET /.env.bak HTTP/1.1" 404 134 "-" "Mozilla/5.0 (iPod; U; CPU iPhone OS 2_2_1 like Mac OS X; en-us) AppleWebKit/525.18.1 (KHTML, like Gecko) Version/3.1.1 Mobile/5H11a Safari/525.20"
show less
Web App Attack
Port Scan
๐ซ๐ท
Baking333
2026-06-25 17:05:44
(2 weeks ago)
[redacted] 34.125.50.43 - - [25/Jun/2026:18:05:42 +0100] "GET /.[redacted] HTTP/1.1" 200 5427 0/1878 ...
show more
[redacted] 34.125.50.43 - - [25/Jun/2026:18:05:42 +0100] "GET /.[redacted] HTTP/1.1" 200 5427 0/18783 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) snap Chromium/76.0.3809.87 Chrome/76.0.3809.87 Safari/537.36" [redacted] 34.125.50.43 - - [25/Jun/2026:18:05:42 +0100] "GET /.[redacted] HTTP/1.1" 200 5427 0/21277 "-" "WebZIP/3.5 (http://[redacted])" [redacted] 34.125.50.43 - - [25/Jun/2026:18:05:42 +0100] "GET /.[redacted] HTTP/1.1" 200 5427 0/20067 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36" [redacted] 34.125.50.43 - - [25/Jun/2026:18:05:42 +0100] "GET /.[redacted] HTTP/1.1" 200 5427 0/20395 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 07:27:42
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 34.125.50.43 (43.50.125.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.125.50.43 (43.50.125.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 03:27:35.896804 2026] [security2:error] [pid 25584:tid 25584] [client 34.125.50.43:42090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heatherweathers.com"] [uri "/src/.git/config"] [unique_id "ajD6596CuRj6bkVTMYi7lwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-06-16 07:14:53
(1 month ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
mnsf
2026-06-16 07:06:36
(1 month ago)
Abuse Detected (30)
Brute-Force
Web App Attack
๐ฎ๐น
VHosting
2026-06-16 06:55:03
(1 month ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 06:41:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 34.125.50.43 (43.50.125.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.125.50.43 (43.50.125.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 02:41:26.895693 2026] [security2:error] [pid 3768:tid 3768] [client 34.125.50.43:35778] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hartflicker.com"] [uri "/api/.git/config"] [unique_id "ajDwFvGUKtmMd_BzyycU5wAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
Asimar
2026-06-16 06:38:27
(1 month ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.125.50.43 (US/Uni ...
show more
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 34.125.50.43 (US/United States/43.50.125.34.bc.googleusercontent.com): (CF_ENABLE)
show less
Bad Web Bot
๐ซ๐ท
masterguru
2026-06-16 06:34:00
(1 month ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-196)
Hacking
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-16 06:21:38
(1 month ago)
Unauthorized access to webpage admin
Web App Attack