๐ณ๐ฑ
Alboweb B.V.
2026-06-24 19:14:29
(5 days ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐บ๐ธ
VanKoh
2026-06-24 18:52:09
(5 days ago)
2001:41d0:8:451c:: - - [24/Jun/2026:12:52:08 -0600] "GET /verify/javascript.html HTTP/1.1" 301 162 " ...
show more
2001:41d0:8:451c:: - - [24/Jun/2026:12:52:08 -0600] "GET /verify/javascript.html HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 OPR/117.0.0."
2001:41d0:8:451c:: - - [24/Jun/2026:12:52:08 -0600] "GET /aggiornamento-dati/bper/UITLEG.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Trailer/93.3.8652.5"
2001:41d0:8:451c:: - - [24/Jun/2026:12:52:08 -0600] "GET /bnp/READ%20ME%20FIRST.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Edg/134.0.0."
...
show less
Port Scan
Web App Attack
๐ง๐ช
cmbplf
2026-06-24 12:42:57
(5 days ago)
579 requests with url.path */composer.json
Brute-Force
Bad Web Bot
๐บ๐ธ
VanKoh
2026-06-23 13:25:19
(6 days ago)
2001:41d0:8:451c:: - - [23/Jun/2026:07:25:18 -0600] "GET / HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windo ...
show more
2001:41d0:8:451c:: - - [23/Jun/2026:07:25:18 -0600] "GET / HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:136.0) Gecko/20100101 Firefox/136."
2001:41d0:8:451c:: - - [23/Jun/2026:07:25:18 -0600] "GET /c/doccle/UITLEG.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.3"
2001:41d0:8:451c:: - - [23/Jun/2026:07:25:18 -0600] "GET /jogo/events-tools/caixa/Uitleg.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.3"
...
show less
DDoS Attack
Web App Attack
๐บ๐ธ
VanKoh
2026-06-21 21:34:29
(1 week ago)
2001:41d0:8:451c:: - - [21/Jun/2026:15:34:28 -0600] "GET /clien/Uitleg.txt HTTP/1.1" 301 162 "-" "Mo ...
show more
2001:41d0:8:451c:: - - [21/Jun/2026:15:34:28 -0600] "GET /clien/Uitleg.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Trailer/93.3.8652.5"
2001:41d0:8:451c:: - - [21/Jun/2026:15:34:28 -0600] "GET /jogo/events-tools/caixa/READ%20ME%20FIRST.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Trailer/93.3.8652.5"
2001:41d0:8:451c:: - - [21/Jun/2026:15:34:28 -0600] "GET /klantinfo/UITLEG.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Trailer/93.3.8652.5"
...
show less
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 01:43:23
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2001:41d0:8:451c:: (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:41d0:8:451c:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 21:43:17.699366 2026] [security2:error] [pid 25438:tid 25470] [client 2001:41d0:8:451c:::43306] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.el-designers.com.oplconnect.com"] [uri "/mps/composer.json"] [unique_id "ajdBtc7kDe6aylZv09oqaQAAANU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
VanKoh
2026-06-20 01:24:53
(1 week ago)
2001:41d0:8:451c:: - - [19/Jun/2026:19:24:52 -0600] "GET /be/beveiligde/omgeving/i.n.g/javascript.ht ...
show more
2001:41d0:8:451c:: - - [19/Jun/2026:19:24:52 -0600] "GET /be/beveiligde/omgeving/i.n.g/javascript.html HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.3"
2001:41d0:8:451c:: - - [19/Jun/2026:19:24:52 -0600] "GET /be/beveiligde/omgeving/f.i.n.t.r.o/Uitleg.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.10 Safari/605.1.1"
2001:41d0:8:451c:: - - [19/Jun/2026:19:24:52 -0600] "GET /-/postbank/UITLEG.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.3"
...
show less
DDoS Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 22:11:34
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2001:41d0:8:451c:: (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:41d0:8:451c:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 18:11:27.987343 2026] [security2:error] [pid 19140:tid 19140] [client 2001:41d0:8:451c:::58692] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "perissosdigitalmarketing.com.kevinfranz.com"] [uri "/wp-admin/js/dhlen/composer.json"] [unique_id "ajRtD25ojG89_t3gn7rsYQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
VanKoh
2026-06-18 11:13:51
(1 week ago)
2001:41d0:8:451c:: - - [18/Jun/2026:05:13:50 -0600] "GET /dhlenit/overview.js HTTP/1.1" 301 162 "-" ...
show more
2001:41d0:8:451c:: - - [18/Jun/2026:05:13:50 -0600] "GET /dhlenit/overview.js HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.3"
2001:41d0:8:451c:: - - [18/Jun/2026:05:13:50 -0600] "GET /work/asse/netflix/javascript.html HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.3"
2001:41d0:8:451c:: - - [18/Jun/2026:05:13:51 -0600] "GET / HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.3"
...
show less
DDoS Attack
Web App Attack
๐บ๐ธ
VanKoh
2026-06-18 07:13:53
(1 week ago)
2001:41d0:8:451c:: - - [18/Jun/2026:01:13:52 -0600] "GET /myalpha/overview.js HTTP/1.1" 301 162 "-" ...
show more
2001:41d0:8:451c:: - - [18/Jun/2026:01:13:52 -0600] "GET /myalpha/overview.js HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.1958"
2001:41d0:8:451c:: - - [18/Jun/2026:01:13:52 -0600] "GET /bab/composer.json HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Edg/134.0.0."
2001:41d0:8:451c:: - - [18/Jun/2026:01:13:52 -0600] "GET /app/dhlenes/overview.js HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.3"
...
show less
DDoS Attack
Web App Attack
๐บ๐ธ
VanKoh
2026-06-17 19:01:50
(1 week ago)
2001:41d0:8:451c:: - - [17/Jun/2026:13:01:49 -0600] "GET /kytrad.html HTTP/1.1" 301 162 "-" "Mozilla ...
show more
2001:41d0:8:451c:: - - [17/Jun/2026:13:01:49 -0600] "GET /kytrad.html HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Edg/134.0.0."
2001:41d0:8:451c:: - - [17/Jun/2026:13:01:49 -0600] "GET /sign-in/javascript.html HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.3"
2001:41d0:8:451c:: - - [17/Jun/2026:13:01:49 -0600] "GET /uadmin/doc/composer.json HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36 Edg/134.0.0."
...
show less
DDoS Attack
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-16 11:55:43
(1 week ago)
Excessive 404/403 errors
Brute-Force
๐บ๐ธ
VanKoh
2026-06-13 11:26:42
(2 weeks ago)
2001:41d0:8:451c:: - - [13/Jun/2026:05:26:41 -0600] "GET /.demo/update/mps2020/Uitleg%20Panel.txt HT ...
show more
2001:41d0:8:451c:: - - [13/Jun/2026:05:26:41 -0600] "GET /.demo/update/mps2020/Uitleg%20Panel.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.1958"
2001:41d0:8:451c:: - - [13/Jun/2026:05:26:41 -0600] "GET /a/ups/Uitleg%20LEES%20MIJ.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.3"
2001:41d0:8:451c:: - - [13/Jun/2026:05:26:41 -0600] "GET /online/man.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.3"
...
show less
Port Scan
Web App Attack
๐ฉ๐ช
pscriptos
2026-06-13 03:51:40
(2 weeks ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-10 14:41:33
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2001:41d0:8:451c:: (Unknown): 1 in the last 300 ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:41d0:8:451c:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 10:41:27.326213 2026] [security2:error] [pid 14251:tid 14269] [client 2001:41d0:8:451c:::47412] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "belfastpropertyagency.com.aceelectricalsupplies.com"] [uri "/be/vergoeding/aanvraag/fnt/composer.json"] [unique_id "ail3l5icDXqLx5D22M-aVAAAAMc"]
show less
Brute-Force
Bad Web Bot
Web App Attack