๐ณ๐ฑ
WeCloudit-Anti-Abuse
2026-07-19 00:12:44
(1 minute ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-18 23:28:37
(45 minutes ago)
(mod_security) mod_security (id:210730) triggered by 35.220.248.113 (113.248.220.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210730) triggered by 35.220.248.113 (113.248.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 19:28:32.465606 2026] [security2:error] [pid 5065:tid 5065] [client 35.220.248.113:41702] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||praemiumtech.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "praemiumtech.com"] [uri "/rclone.conf"] [unique_id "alwMIARtvdUalE7zymP1FAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-18 23:10:57
(1 hour ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ฑ๐น
Evag Touf
2026-07-18 22:27:27
(1 hour ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 35.220.248.113 (HK/H ...
show more
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 35.220.248.113 (HK/Hong Kong/-)
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-18 21:54:27
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.220.248.113 (113.248.220.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 35.220.248.113 (113.248.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 17:54:20.536302 2026] [security2:error] [pid 2606178:tid 2606178] [client 35.220.248.113:44902] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "premiumstuffonline.com"] [uri "/.env.php.bak"] [unique_id "alv2DECXhKZqrA627hOMlAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2026-07-18 20:59:03
(3 hours ago)
20 attempts against mh_ha-misbehave-ban on sedna
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-07-18 20:34:58
(3 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐ท๐ด
iulianh
2026-07-18 20:10:00
(4 hours ago)
80,443
Brute-Force
SSH
๐ฉ๐ช
gadix
2026-07-18 20:06:51
(4 hours ago)
[18/Jul/2026:22:06:47.530574 +0200] alvc1xV0oaEOZgAefTqlWQAAABM 35.220.248.113 34038 127.0.0.1 7081
...
show more
[18/Jul/2026:22:06:47.530574 +0200] alvc1xV0oaEOZgAefTqlWQAAABM 35.220.248.113 34038 127.0.0.1 7081
[18/Jul/2026:22:06:47.600089 +0200] alvc1xs4uFOXEXm69fwmZAAAAEc 35.220.248.113 34054 127.0.0.1 7081
[18/Jul/2026:22:06:47.601141 +0200] alvc1xs4uFOXEXm69fwmZQAAAE8 35.220.248.113 34058 127.0.0.1 7081
...
show less
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-18 20:01:54
(4 hours ago)
Excessive multi-domain requests
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-18 19:41:03
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.220.248.113 (113.248.220.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210492) triggered by 35.220.248.113 (113.248.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 15:40:55.547327 2026] [security2:error] [pid 876132:tid 876132] [client 35.220.248.113:36422] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "primestatepainting.com"] [uri "/.git/config"] [unique_id "alvWx9o5DhRIMBfjAYNmsQAAACk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
webko.si
2026-07-18 19:35:47
(4 hours ago)
pridenmozic.si: Bruteforce web app access, URI detail: '/.git/config'.
Web App Attack
๐ซ๐ท
masterguru
2026-07-18 19:33:58
(4 hours ago)
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ...
show more
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-197)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-18 19:19:38
(4 hours ago)
(mod_security) mod_security (id:210730) triggered by 35.220.248.113 (113.248.220.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:210730) triggered by 35.220.248.113 (113.248.220.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 15:19:32.440345 2026] [security2:error] [pid 3718:tid 3718] [client 35.220.248.113:46816] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||printedthanksgivingcards.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "printedthanksgivingcards.com"] [uri "/rclone.conf"] [unique_id "alvRxJvfauE754yyzuU64wAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-18 19:06:07
(5 hours ago)
Blocked by ModSec and CSF
Port Scan