๐ธ๐ช
vaia.cloud
2026-07-02 10:13:01
(1 day ago)
trying wp-login.php/xmlrpc.php 47 times in 1 minutes
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 07:06:04
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 34.35.167.40 (40.167.35.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.35.167.40 (40.167.35.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:05:58.189517 2026] [security2:error] [pid 7550:tid 7550] [client 34.35.167.40:35240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.foodnest.com.polydorou.eu"] [uri "/.git/config"] [unique_id "akYN1ukkcbpyuPp-Vw2xNQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
mediarama.com
2026-07-02 04:30:12
(1 day ago)
Banned by Fail2Ban
Web App Attack
๐ฉ๐ช
EGP Abuse Dept
2026-07-02 00:22:14
(1 day ago)
Scanning for web/db/file exploits on www.focum.be
SQL Injection
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-01 22:15:11
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-30.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-01 19:10:00
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 34.35.167.40 (40.167.35.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.35.167.40 (40.167.35.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 15:09:56.434021 2026] [security2:error] [pid 7695:tid 7695] [client 34.35.167.40:38982] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.flyingdodostudio.flyingdodopublications.com"] [uri "/.git/config"] [unique_id "akVmBML156CxkNv8jvUOSQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Lee Daniel
2026-07-01 17:05:42
(1 day ago)
34.35.167.40 - - [01/Jul/2026:13:05:41 -0400] "GET /.env HTTP/1.1" 403 4817 "-" "Mozilla/5.0 (X11; L ...
show more
34.35.167.40 - - [01/Jul/2026:13:05:41 -0400] "GET /.env HTTP/1.1" 403 4817 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
DocNetzwerk
2026-07-01 12:59:06
(1 day ago)
(mod_security) mod_security triggered on hostname [redacted] 34.35.167.40 (40.167.35.34.bc.googleuse ...
show more
(mod_security) mod_security triggered on hostname [redacted] 34.35.167.40 (40.167.35.34.bc.googleusercontent.com)
show less
SQL Injection
๐ณ๐ฑ
Site.eu
2026-07-01 08:30:13
(2 days ago)
Excessive 404/403 errors
Brute-Force
๐จ๐ญ
zynex
2026-06-30 18:58:40
(2 days ago)
URL Probing: /api/.env
Web App Attack
๐ต๐ฑ
TaKeN
2026-06-30 13:46:41
(2 days ago)
Automated Wazuh local observation. Wazuh rule 31151 lvl=10 detected repeated HTTP web application pr ...
show more
Automated Wazuh local observation. Wazuh rule 31151 lvl=10 detected repeated HTTP web application probing from this source IP. Observed 1 matching blocked event(s) between 2026-06-30T15:46:41+02:00 and 2026-06-30T15:46:41+02:00. Sample requested paths: /auth.json.
show less
Web App Attack
Hacking
๐ซ๐ท
dynamix
2026-06-28 17:29:30
(4 days ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 12:40:45
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 34.35.167.40 (40.167.35.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.35.167.40 (40.167.35.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 08:40:38.614623 2026] [security2:error] [pid 28224:tid 28224] [client 34.35.167.40:60210] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bahamascruisersguide.com"] [uri "/.git/config"] [unique_id "akEWRsCKUucTSbwHeEI2XAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
webadmin
2026-06-28 10:06:18
(5 days ago)
Web App Attack
๐ง๐ช
cmbplf
2026-06-26 18:31:02
(6 days ago)
174 requests with url.path *.env
Brute-Force
Bad Web Bot