๐ฉ๐ช
gadix
2026-07-19 06:37:21
(3 minutes ago)
[19/Jul/2026:08:37:20.505086 +0200] alxwoL7MJP0o1EuEbl2w1gAAAAI 34.96.184.17 38768 127.0.0.1 7081
[1 ...
show more
[19/Jul/2026:08:37:20.505086 +0200] alxwoL7MJP0o1EuEbl2w1gAAAAI 34.96.184.17 38768 127.0.0.1 7081
[19/Jul/2026:08:37:20.509600 +0200] alxwoOIToymTpE4MC_TssAAAAAA 34.96.184.17 38770 127.0.0.1 7081
[19/Jul/2026:08:37:20.515923 +0200] alxwoP5aj9u8wmJyd2sjFAAAAAE 34.96.184.17 38800 127.0.0.1 7081
...
show less
Web App Attack
Anonymous
2026-07-19 06:09:28
(30 minutes ago)
Banned by Fail2Ban on server
Web App Attack
๐ฎ๐ณ
evicky2002
2026-07-19 06:00:00
(40 minutes ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
๐ฆ๐บ
AWW-Admin
2026-07-19 05:45:12
(55 minutes ago)
(mod_security) mod_security triggered on hostname [redacted] 34.96.184.17 (HK/Hong Kong/17.184.96.34 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 34.96.184.17 (HK/Hong Kong/17.184.96.34.bc.googleusercontent.com)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-19 05:32:43
(1 hour ago)
(mod_security) mod_security (id:210730) triggered by 34.96.184.17 (17.184.96.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210730) triggered by 34.96.184.17 (17.184.96.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 19 01:32:37.087331 2026] [security2:error] [pid 3967758:tid 3967783] [client 34.96.184.17:44712] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||projectmanagementcertification.org|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "projectmanagementcertification.org"] [uri "/rclone.conf"] [unique_id "alxhdQRVJ7BLFmR-bvICZAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-19 05:22:41
(1 hour ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.96.184.17 (HK/Hong Kong/17.184.9 ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.96.184.17 (HK/Hong Kong/17.184.96.34.bc.googleusercontent.com): 1 in the last 3600 secs
show less
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-07-19 05:14:09
(1 hour ago)
134 attacks on env grabbing URLs, password grabbing URLs, VC URLs, config grabbing URLs (type 2), PH ...
show more
134 attacks on env grabbing URLs, password grabbing URLs, VC URLs, config grabbing URLs (type 2), PHP URLs:
GET /web/.env HTTP/1.1
GET /.aws/credentials HTTP/1.1
GET /.git/HEAD HTTP/1.1
GET /config/database.yml HTTP/1.1
GET /configuration.php.bak HTTP/1.1
show less
Hacking
Web App Attack
๐ณ๐ฑ
enpepet
2026-07-19 03:49:12
(2 hours ago)
GENERAL: parametres: [url:git=] UA:Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; M ...
show more
GENERAL: parametres: [url:git=] UA:Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; MistralAI-User/1.0 URL:/.git/HEAD
show less
Port Scan
Hacking
Brute-Force
Bad Web Bot
๐ฉ๐ช
psauxit
2026-07-19 03:41:23
(2 hours ago)
Fail2Ban - NGINX 403 forcing to access a restricted resource
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-19 03:14:04
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.96.184.17 (17.184.96.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.96.184.17 (17.184.96.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 23:13:59.674133 2026] [security2:error] [pid 24944:tid 24944] [client 34.96.184.17:35582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "prodigypartners.com"] [uri "/.git/HEAD"] [unique_id "alxA97BgBK8uD4pHZZ8EyAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 02:06:12
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 34.96.184.17 (17.184.96.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.96.184.17 (17.184.96.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 22:06:08.760223 2026] [security2:error] [pid 1000437:tid 1000437] [client 34.96.184.17:60430] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psystems.net"] [uri "/.openclaw/.env"] [unique_id "alwxEFFrOVA4nJSidJABqQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
dbmwebdesign
2026-07-19 02:05:33
(4 hours ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-07-19 01:56:56
(4 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐ซ๐ท
masterguru
2026-07-19 01:47:56
(4 hours ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-196)
Hacking
Web App Attack
๐บ๐ธ
Mundo Bueno
2026-07-19 01:47:18
(4 hours ago)
[ISILIA Protection v2.1] Tentative d'accรจs: /.github/workflows/deploy.yml | Pays: HK | UA: Mozilla/5 ...
show more
[ISILIA Protection v2.1] Tentative d'accรจs: /.github/workflows/deploy.yml | Pays: HK | UA: Mozilla/5.0 (compatible; Amzn-SearchBot/1.0; +https://developer.amazon.com/support/amazonbot)
show less
Hacking
Web App Attack