Anonymous
2026-07-17 13:28:08
(2 hours ago)
(caddyscan) Scanner path probe from 195.74.93.162 (GB/United Kingdom/hosted-by.zetservers.com): 5 in ...
show more
(caddyscan) Scanner path probe from 195.74.93.162 (GB/United Kingdom/hosted-by.zetservers.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 195.74.93.162 - - [17/Jul/2026:13:28:04 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 195.74.93.162 - - [17/Jul/2026:13:28:05 +0000] "GET /.git/HEAD HTTP/1.1"
[REDACTED] 200 2627 195.74.93.162 - - [17/Jul/2026:13:28:05 +0000] "GET /.git/packed-refs HTTP/1.1"
[REDACTED] 200 2627 195.74.93.162 - - [17/Jul/2026:13:28:05 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 195.74.93.162 - - [17/Jul/2026:13:28:06 +0000] "GET /.env.local HTTP/1.1"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-17 10:17:59
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 06:17:52.043204 2026] [security2:error] [pid 509626:tid 509741] [client 195.74.93.162:23870] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iguanablue.com"] [uri "/.env"] [unique_id "aloBUBXb8EgjrviTGENeAAAAAdA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:26:13
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:26:08.933301 2026] [security2:error] [pid 403269:tid 403269] [client 195.74.93.162:50038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "1stadvantageschool.com"] [uri "/.git/config"] [unique_id "alnZEHidO9PKVBrvMS49rwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 06:26:08
(9 hours ago)
(mod_security) mod_security (id:210730) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in ...
show more
(mod_security) mod_security (id:210730) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:25:59.279908 2026] [security2:error] [pid 380771:tid 380771] [client 195.74.93.162:51872] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||louisianamasons.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "louisianamasons.com"] [uri "/backup.sql"] [unique_id "alnK9w60qz9fG1UEkeiiogAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 04:51:46
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 00:51:38.383267 2026] [security2:error] [pid 28167:tid 28186] [client 195.74.93.162:26048] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cjherbalremedies.com"] [uri "/.git/HEAD"] [unique_id "alm02qL6YNvmRlMxENzbsQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 00:39:45
(15 hours ago)
(mod_security) mod_security (id:210730) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in ...
show more
(mod_security) mod_security (id:210730) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:39:39.723856 2026] [security2:error] [pid 20637:tid 20637] [client 195.74.93.162:8236] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||printedpartynapkins.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "printedpartynapkins.com"] [uri "/dump.sql"] [unique_id "all5y6NPH77OCfmK4sx0kAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 23:34:36
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 19:34:31.197710 2026] [security2:error] [pid 1167:tid 1167] [client 195.74.93.162:54730] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "streamlinenz.com"] [uri "/.git/config"] [unique_id "allqh0Ub4TOCfgOMy0oh4wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-16 21:38:45
(18 hours ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 21:27:42
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 17:27:34.238435 2026] [security2:error] [pid 21237:tid 21237] [client 195.74.93.162:29688] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marianozaro.com"] [uri "/.env"] [unique_id "allMxmq5GMH6QaxP5PvoTQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:25:32
(19 hours ago)
(mod_security) mod_security (id:210730) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in ...
show more
(mod_security) mod_security (id:210730) triggered by 195.74.93.162 (hosted-by.zetservers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:25:28.461168 2026] [security2:error] [pid 24146:tid 24179] [client 195.74.93.162:12348] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||aafm.us|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aafm.us"] [uri "/database.sql"] [unique_id "alk-OAvq47jiiuaJBE854gAAAVM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
HandyTreff.de
2026-07-13 06:01:22
(4 days ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -39.15 (Bad < -10 / Very Bad < -20 / ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -39.15 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Sa
show less
Web App Attack
Bad Web Bot
Anonymous
2026-07-05 00:15:27
(1 week ago)
Large-scale coordinated botnet (200+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) ...
show more
Large-scale coordinated botnet (200+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) employed by Angara Technologies Group (Explicitly identified himself as enemy a week before attack began) | Attack Signature Blocked: /brands/netgear/shopby/manufacturer-netgear-rcf-avaya-lsi-ask_proxima-projectiondesign-acer-xyz.html | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 | (Magento Site)
show less
Hacking
Bad Web Bot
๐ฉ๐ช
SMARTNET
2025-11-26 02:37:10
(7 months ago)
Aisuru(Mirai variant) DDoS
DDoS Attack
Anonymous
2025-11-21 12:49:36
(7 months ago)
scanning http requests from known botnet
Web App Attack
๐ณ๐ฑ
exxos
2025-11-03 11:38:11
(8 months ago)
Attacks with Bad user agents
Hacking