๐ฌ๐ง
openstrike.co.uk
2026-07-19 05:14:26
(1 hour ago)
39 attacks on config grabbing URLs (type 2), PHP URLs, VC URLs, password grabbing URLs, env grabbing ...
show more
39 attacks on config grabbing URLs (type 2), PHP URLs, VC URLs, password grabbing URLs, env grabbing URLs:
GET /config/storage.yml HTTP/1.1
GET /configuration.php.bak HTTP/1.1
GET /.git/HEAD HTTP/1.1
GET /.aws/credentials HTTP/1.1
GET /.env.swp HTTP/1.1
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 01:26:07
(5 hours ago)
(mod_security) mod_security (id:210730) triggered by 34.90.102.52 (52.102.90.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210730) triggered by 34.90.102.52 (52.102.90.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 21:25:59.375294 2026] [security2:error] [pid 1303245:tid 1303245] [client 34.90.102.52:43804] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||cynosuresnapshots.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cynosuresnapshots.com"] [uri "/rclone.conf"] [unique_id "alwnp_eDbZgEEKQyyJ1WHwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-07-18 23:59:08
(7 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฉ๐ช
Melle
2026-07-18 23:22:08
(7 hours ago)
Unauthorized connection attempt detected from IP address 34.90.102.52
Bad Web Bot
Anonymous
2026-07-18 22:09:07
(8 hours ago)
Blocked by ModSec and CSF
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-18 21:56:00
(9 hours ago)
(mod_security) mod_security (id:210730) triggered by 34.90.102.52 (52.102.90.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210730) triggered by 34.90.102.52 (52.102.90.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 17:55:56.498981 2026] [security2:error] [pid 1790809:tid 1790809] [client 34.90.102.52:42658] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bluemarineboats.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bluemarineboats.com"] [uri "/rclone.conf"] [unique_id "alv2bNdtHwPiG9jB6C_PSQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2026-07-18 21:49:47
(9 hours ago)
20 attempts against mh-misbehave-ban on ozone
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 21:34:18
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.90.102.52 (52.102.90.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.90.102.52 (52.102.90.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 17:34:13.775295 2026] [security2:error] [pid 15418:tid 15418] [client 34.90.102.52:58504] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "computerian.net"] [uri "/.git/HEAD"] [unique_id "alvxVR6_DkX9tBZvIkqI9QAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-07-18 21:30:31
(9 hours ago)
(modsecurity) srv101 ModSecurity 34.90.102.52 (NL/The Netherlands/52.102.90.34.bc.googleusercontent. ...
show more
(modsecurity) srv101 ModSecurity 34.90.102.52 (NL/The Netherlands/52.102.90.34.bc.googleusercontent.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 20:45:40
(10 hours ago)
(mod_security) mod_security (id:210730) triggered by 34.90.102.52 (52.102.90.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210730) triggered by 34.90.102.52 (52.102.90.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 16:45:32.431808 2026] [security2:error] [pid 23039:tid 23064] [client 34.90.102.52:52450] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||iamfluff.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "iamfluff.com"] [uri "/z9x8c7v6b5-debug-trigger-iamfluff.com"] [unique_id "alvl7IDYRljKKJl6WPJncQAAANc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ช
Jim Keir
2026-07-18 20:39:20
(10 hours ago)
2026-07-18 20:39:19 34.90.102.52 Bad bot, blocking Mozilla/5.0
Bad Web Bot
๐ฉ๐ช
big-cloud.nl
2026-07-18 20:08:03
(10 hours ago)
Try to access /.git/HEAD
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-07-18 19:52:36
(11 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 19:36:45
(11 hours ago)
(mod_security) mod_security (id:210730) triggered by 34.90.102.52 (52.102.90.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210730) triggered by 34.90.102.52 (52.102.90.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 15:36:40.569093 2026] [security2:error] [pid 20503:tid 20503] [client 34.90.102.52:47558] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mijn-pedicure.nl|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mijn-pedicure.nl"] [uri "/rclone.conf"] [unique_id "alvVyL3LtR86v6XOaSjTcQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
masterguru
2026-07-18 19:25:59
(11 hours ago)
BAD BOT - Detected and Blocked.. Matched phrase "ccbot" at REQUEST_HEADERS:user-agent. (1100000-147)
Bad Web Bot