๐บ๐ธ
TPI-Abuse
2026-07-18 23:29:00
(16 minutes ago)
(mod_security) mod_security (id:210730) triggered by 34.29.108.192 (192.108.29.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 34.29.108.192 (192.108.29.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 19:28:55.733815 2026] [security2:error] [pid 23039:tid 23048] [client 34.29.108.192:53658] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||hotairwelder.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "hotairwelder.com"] [uri "/z9x8c7v6b5-debug-trigger-hotairwelder.com"] [unique_id "alwMN4DYRljKKJl6WPJ-_wAAAMc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
AWW-Admin
2026-07-18 23:28:09
(17 minutes ago)
(mod_security) mod_security triggered on hostname [redacted] 34.29.108.192 (US/United States/192.108 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 34.29.108.192 (US/United States/192.108.29.34.bc.googleusercontent.com)
show less
SQL Injection
๐ธ๐ช
vaia.cloud
2026-07-18 23:10:01
(35 minutes ago)
trying wp-login.php/xmlrpc.php 36 times in 1 minutes
Brute-Force
Web App Attack
๐จ๐ญ
Origon
2026-07-18 22:02:59
(1 hour ago)
http-probing - IP: 34.29.108.192 - time="2026-07-19T00:02:59+02:00" level=info msg="(555f66b4f6a745 ...
show more
http-probing - IP: 34.29.108.192 - time="2026-07-19T00:02:59+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 34.29.108.192 (US/396982) : 4h ban on Ip 34.29.108.192" module=db
show less
Web App Attack
๐ซ๐ท
masterguru
2026-07-18 21:52:00
(1 hour ago)
URL file extension is restricted by policy. String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ ...
show more
URL file extension is restricted by policy. String match within ".asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .rdb/ .resources/ .resx/ .sql/ .swp/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/" at TX:extension. (920440-131)
show less
Hacking
Anonymous
2026-07-18 21:14:33
(2 hours ago)
34.29.108.192 - - [18/Jul/2026:23:14:32 +0200] "GET /.gitconfig HTTP/1.1" 403 124 "-" "Mozilla/5.0 ( ...
show more
34.29.108.192 - - [18/Jul/2026:23:14:32 +0200] "GET /.gitconfig HTTP/1.1" 403 124 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)"
34.29.108.192 - - [18/Jul/2026:23:14:32 +0200] "GET /.github/workflows/deploy.yml HTTP/1.1" 403 124 "-" "meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)"
34.29.108.192 - - [18/Jul/2026:23:14:32 +0200] "GET /wp-json HTTP/1.1" 403 124 "-" "Mozilla/5.0 (compatible; Diffbot/1.0; +https://diffbot.com)"
34.29.108.192 - - [18/Jul/2026:23:14:32 +0200] "GET /rclone.conf HTTP/1.1" 403 124 "-" "Mozilla/5.0 (compatible; Diffbot/1.0; +https://diffbot.com)"
34.29.108.192 - - [18/Jul/2026:23:14:32 +0200] "GET /.env HTTP/1.1" 403 124 "-" "Mozilla/5.0 (compatible; Diffbot/1.0; +https://diffbot.com)"
34.29.108.192 - - [18/Jul/2026:23:14:32 +0200] "GET /.aws/config HTTP/1.1" 403 124 "-" "anthropic-ai"
34.29.108.192 - - [18/Jul/2026:23:14:32 +0200] "GET /.git-credentials HTTP/1.1" 403 124 "
...
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
enjoyably
2026-07-18 20:55:00
(2 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent
Web App Attack
Bad Web Bot
๐ฉ๐ช
findlab
2026-07-18 20:40:01
(3 hours ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-18 20:33:28
(3 hours ago)
Excessive multi-domain requests
Brute-Force
๐ฌ๐ง
consul.to
2026-07-18 20:22:33
(3 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 20:08:57
(3 hours ago)
(mod_security) mod_security (id:210730) triggered by 34.29.108.192 (192.108.29.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 34.29.108.192 (192.108.29.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 16:08:50.599481 2026] [security2:error] [pid 3436084:tid 3436088] [client 34.29.108.192:47696] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||howlerrock.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "howlerrock.com"] [uri "/z9x8c7v6b5-debug-trigger-howlerrock.com"] [unique_id "alvdUlSgznjA3PEQBr0gsQAAAEI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-07-18 19:10:08
(4 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
Anonymous
2026-07-18 19:03:39
(4 hours ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection
๐ซ๐ท
dynamix
2026-07-18 18:53:54
(4 hours ago)
Multiple WAF Violations
Web App Attack
๐ณ๐ฑ
debestelapp
2026-07-18 18:45:08
(5 hours ago)
Web App Attack