๐บ๐ธ
TPI-Abuse
2026-07-19 01:48:06
(8 minutes ago)
(mod_security) mod_security (id:210492) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210492) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 21:47:58.935565 2026] [security2:error] [pid 1337342:tid 1337342] [client 34.35.16.37:59356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rajabarber.com"] [uri "/.git/config"] [unique_id "alwszh4jDU8d1hWEg_Y8sQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
โจ
2026-07-19 01:46:18
(10 minutes ago)
Domain : redirect.netenergy.uk
Rule : env
2026-07-19 01:43:59 217.194.210.152 GET /.env.example - 44 ...
show more
Domain : redirect.netenergy.uk
Rule : env
2026-07-19 01:43:59 217.194.210.152 GET /.env.example - 443 - 34.35.16.37 HTTP/2 anthropic-ai - ravensara.co.uk 404 0 2 1523 176 163 - -
show less
Hacking
SQL Injection
๐ฟ๐ฆ
conure
2026-07-19 01:24:20
(32 minutes ago)
csagent: score 20.0: secrets grab x2; 1 domain(s) in 0s
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 01:17:04
(39 minutes ago)
(mod_security) mod_security (id:210730) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210730) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 21:16:57.544780 2026] [security2:error] [pid 31027:tid 31027] [client 34.35.16.37:44140] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||realdesigninterior.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "realdesigninterior.com"] [uri "/rclone.conf"] [unique_id "alwliToFzNZz3BRhzUlJxgAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 01:00:10
(56 minutes ago)
(mod_security) mod_security (id:210730) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210730) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 21:00:04.603520 2026] [security2:error] [pid 9977:tid 9977] [client 34.35.16.37:46484] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||realdoctorstories.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "realdoctorstories.com"] [uri "/host.key"] [unique_id "alwhlNC3FJqGrDSUJmTRoQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-19 00:31:36
(1 hour ago)
BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:User-Agent. (1100000 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "bytespider" at REQUEST_HEADERS:User-Agent. (1100000-197)
show less
Bad Web Bot
๐จ๐ญ
backslash
2026-07-19 00:18:14
(1 hour ago)
block ruleset WAF detection and high score on abuseIPDB 149EB1B42C242111FADBBC2EF8F90219570691E1
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-19 00:08:14
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210492) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 20:08:08.297172 2026] [security2:error] [pid 5133:tid 5133] [client 34.35.16.37:37078] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rame-int.com"] [uri "/.git/HEAD"] [unique_id "alwVaJHM_fY06ygCPiZtHQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Philister11
2026-07-19 00:07:40
(1 hour ago)
CrowdSec: crowdsecurity/http-probing (ZA/AS396982)
Web App Attack
Hacking
๐ซ๐ท
masterguru
2026-07-19 00:02:27
(1 hour ago)
Restricted File Access Attempt. Matched phrase ".gitconfig" at REQUEST_FILENAME. (930130-195)
Hacking
Web App Attack
Anonymous
2026-07-18 23:49:52
(2 hours ago)
Fail2Ban: ModSecurity detected a web application attack.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 23:13:23
(2 hours ago)
(mod_security) mod_security (id:210730) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210730) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 19:13:18.282252 2026] [security2:error] [pid 9886:tid 9886] [client 34.35.16.37:43956] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||rapidheatprocesses.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rapidheatprocesses.com"] [uri "/rclone.conf"] [unique_id "alwIjggcajBORG4yYc5ltgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-07-18 22:29:40
(3 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2026-07-18 22:21:57
(3 hours ago)
34.35.16.37 - - [18/Jul/2026:17:21:53 -0500] "GET /.env HTTP/1.1" 403 199 "-" "Mozilla/5.0 (compatib ...
show more
34.35.16.37 - - [18/Jul/2026:17:21:53 -0500] "GET /.env HTTP/1.1" 403 199 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com)" 34.35.16.37
34.35.16.37 - - [18/Jul/2026:17:21:53 -0500] "GET /.env.example HTTP/1.1" 403 199 "-" "Mozilla/5.0 (compatible; Applebot-Extended/0.1; +http://www.apple.com/go/applebot)" 34.35.16.37
34.35.16.37 - - [18/Jul/2026:17:21:54 -0500] "GET /.env.production HTTP/1.1" 403 199 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot" 34.35.16.37
34.35.16.37 - - [18/Jul/2026:17:21:54 -0500] "GET /.env.bak HTTP/1.1" 403 199 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" 34.35.16.37
34.35.16.37 - - [18/Jul/2026:17:21:54 -0500] "GET /.env.local HTTP/1.1" 403 199 "-" "Mozilla/5.0 (compatible; Applebot-Extended/0.1; +http://www.apple.com/go/applebot)" 34.35.16.37
34.35.16.37 - - [18/Jul/2026:17:21:54 -0500] "GET /.env.backup HTTP/1.1" 403 199 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko);
...
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 21:51:42
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:210492) triggered by 34.35.16.37 (37.16.35.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 17:51:34.996589 2026] [security2:error] [pid 23039:tid 23043] [client 34.35.16.37:38082] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "randycameron.com"] [uri "/.git/config"] [unique_id "alv1ZoDYRljKKJl6WPJt8gAAAMI"]
show less
Brute-Force
Bad Web Bot
Web App Attack