๐ฉ๐ช
sdos.es
2026-07-19 01:41:49
(4 minutes ago)
"Restricted File Access Attempt - Matched Data: .ssh/id_dsa found within REQUEST_FILENAME: /.ssh/id_ ...
show more
"Restricted File Access Attempt - Matched Data: .ssh/id_dsa found within REQUEST_FILENAME: /.ssh/id_dsa"
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 01:26:53
(19 minutes ago)
(mod_security) mod_security (id:210730) triggered by 34.175.0.11 (11.0.175.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210730) triggered by 34.175.0.11 (11.0.175.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 21:26:48.697945 2026] [security2:error] [pid 28619:tid 28713] [client 34.175.0.11:56458] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||venezuelaguia.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "venezuelaguia.com"] [uri "/z9x8c7v6b5-debug-trigger-venezuelaguia.com"] [unique_id "alwn2Iaj3Vvt5f4CJbc_wQAAAFg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
antihack.anarchista.xyz
2026-07-19 01:12:49
(33 minutes ago)
404 burst: 20 hits in 5 min, URI /privatekey.key, Ref , UA Mozilla/5.0 AppleWebKit/537.36 (KHTML, li ...
show more
404 burst: 20 hits in 5 min, URI /privatekey.key, Ref , UA Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ClaudeBot/1.0; +mailto:[email protected]
show less
Brute-Force
Web App Attack
Bad Web Bot
๐ฉ๐ช
LRob
2026-07-19 01:01:37
(44 minutes ago)
CrowdSec: crowdsecurity/http-probing | req: / | 11 distinct paths | UA: Mozilla/5.0 (Windows NT 10.0 ...
show more
CrowdSec: crowdsecurity/http-probing | req: / | 11 distinct paths | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/150.0.0.0 Safari/537.36
show less
Port Scan
Web App Attack
๐ฎ๐ช
Jim Keir
2026-07-19 00:50:44
(55 minutes ago)
2026-07-19 00:50:44 34.175.0.11 Bad bot, blocking Mozilla/5.0
Bad Web Bot
๐ณ๐ฑ
Savvii
2026-07-19 00:45:11
(1 hour ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
billfor
2026-07-19 00:43:12
(1 hour ago)
34.175.0.11 - - [18/Jul/2026:20:43:05 -0400] "GET /.env HTTP/2.0" 404 0 "-" "Mozilla/5.0 AppleWebKit ...
show more
34.175.0.11 - - [18/Jul/2026:20:43:05 -0400] "GET /.env HTTP/2.0" 404 0 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Perplexity-User/1.0; +https://perplexity.ai/perplexity-user"
show less
Web App Attack
๐ง๐ท
vfAcceloReporter
2026-07-18 23:22:58
(2 hours ago)
34.175.0.11 - - [18/Jul/2026:20:22:57 -0300] "GET /.env HTTP/2.0" 301 169 "-" "Mozilla/5.0 AppleWebK ...
show more
34.175.0.11 - - [18/Jul/2026:20:22:57 -0300] "GET /.env HTTP/2.0" 301 169 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot"
...
show less
Brute-Force
Web App Attack
Exploited Host
๐บ๐ธ
Victor Lรณpez
2026-07-18 23:17:39
(2 hours ago)
videoprenatal.com 34.175.0.11 - - [18/Jul/2026:18:17:38 -0500] "GET /.git/HEAD HTTP/2.0" 404 18869 " ...
show more
videoprenatal.com 34.175.0.11 - - [18/Jul/2026:18:17:38 -0500] "GET /.git/HEAD HTTP/2.0" 404 18869 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.3; +https://openai.com/gptbot)" -
videoprenatal.com 34.175.0.11 - - [18/Jul/2026:18:17:39 -0500] "GET /.git/config HTTP/2.0" 404 18867 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] )" -
videoprenatal.com 34.175.0.11 - - [18/Jul/2026:18:17:39 -0500] "GET /.git-credentials HTTP/2.0" 404 18870 "-" "Mozilla/5.0 (compatible; Diffbot/1.0; +https://diffbot.com)" -
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 23:17:33
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.175.0.11 (11.0.175.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210492) triggered by 34.175.0.11 (11.0.175.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 19:17:30.460068 2026] [security2:error] [pid 7247:tid 7247] [client 34.175.0.11:59942] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/Web.config" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vffv.com"] [uri "/web.config"] [unique_id "alwJirLIbSeNCihXTalLZAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-18 23:06:03
(2 hours ago)
Detected by CrowdSec: crowdsecurity/http-sensitive-files
Web App Attack
Anonymous
2026-07-18 22:58:50
(2 hours ago)
34.175.0.11 - - [19/Jul/2026:00:58:49 +0200] "GET /webpack-stats.json HTTP/1.1" 404 60361
34.175.0.1 ...
show more
34.175.0.11 - - [19/Jul/2026:00:58:49 +0200] "GET /webpack-stats.json HTTP/1.1" 404 60361
34.175.0.11 - - [19/Jul/2026:00:58:49 +0200] "GET /_next/static/buildManifest.js HTTP/1.1" 404 65230
34.175.0.11 - - [19/Jul/2026:00:58:49 +0200] "GET /build-manifest.json HTTP/1.1" 404 65198
34.175.0.11 - - [19/Jul/2026:00:58:49 +0200] "GET /_next/build-manifest.json HTTP/1.1" 404 65217
34.175.0.11 - - [19/Jul/2026:00:58:49 +0200] "GET /manifest.json HTTP/1.1" 404 65180
34.175.0.11 - - [19/Jul/2026:00:58:49 +0200] "GET /asset-manifest.json HTTP/1.1" 404 65198
34.175.0.11 - - [19/Jul/2026:00:58:49 +0200] "GET /__env.js HTTP/1.1" 404 65165
34.175.0.11 - - [19/Jul/2026:00:58:49 +0200] "GET /service-worker.js HTTP/1.1" 404 65192
34.175.0.11 - - [19/Jul/2026:00:58:49 +0200] "GET /sw.js HTTP/1.1" 404 65156
34.175.0.11 - - [19/Jul/2026:00:58:50 +0200] "GET /graphql HTTP/1.1" 404 60328
...
show less
Web Spam
Web App Attack
๐บ๐ธ
SiliSoftware
2026-07-18 22:32:08
(3 hours ago)
/.gitconfig
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 22:25:07
(3 hours ago)
(mod_security) mod_security (id:210730) triggered by 34.175.0.11 (11.0.175.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210730) triggered by 34.175.0.11 (11.0.175.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 18:24:59.762019 2026] [security2:error] [pid 8254:tid 8254] [client 34.175.0.11:48604] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vigants.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vigants.com"] [uri "/z9x8c7v6b5-debug-trigger-vigants.com"] [unique_id "alv9O2kXxB1OPFVTWjW0cgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ช
Jim Keir
2026-07-18 21:49:53
(3 hours ago)
2026-07-18 21:49:52 34.175.0.11 File scanning, blocking 34.175.0.11 for 5 minutes
Web App Attack