π¬π§
consul.to
2026-06-15 04:43:51
(6 days ago)
Web attack/malicious scanning detected
Web App Attack
π³π±
Site.eu
2026-06-15 04:42:15
(6 days ago)
Excessive multi-domain requests
Brute-Force
π©πͺ
SCHAPPY
2026-06-15 04:06:13
(6 days ago)
Critical web app attack detected. HTTP header is restricted by policy (/accept-charset/)
Web App Attack
π«π·
masterguru
2026-06-15 03:08:04
(6 days ago)
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ ...
show more
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .compositefont/ .config/ .conf/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .scr/ .sct/ .shs/ .sql/ .swp/ .sys/ .tlb/ .tmp/ .url/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-195)
show less
Hacking
2026-06-15 02:53:18
(6 days ago)
apache-auth
Brute-Force
Web App Attack
2026-06-15 01:56:00
(6 days ago)
Multiple web server 400 error codes from same source ip
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-14 23:15:18
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 34.129.24.18 (18.24.129.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 34.129.24.18 (18.24.129.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:15:03.504492 2026] [security2:error] [pid 20934:tid 20934] [client 34.129.24.18:43644] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/config.yml" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arborterra.org"] [uri "/config/config.yml"] [unique_id "ai81967r67CigcGGvOIKiAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-14 21:46:21
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 34.129.24.18 (18.24.129.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210730) triggered by 34.129.24.18 (18.24.129.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 17:46:15.782905 2026] [security2:error] [pid 31289:tid 31289] [client 34.129.24.18:57128] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ourcritterguy.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ourcritterguy.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai8hJwv4Nxa3MTBVWGDBlwAAAEQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
grassau.com
2026-06-14 18:43:07
(1 week ago)
*Port Scan* detected from 34.129.24.18 (AU/Australia/Victoria/Melbourne/18.24.129.34.bc.googleuserco ...
show more
*Port Scan* detected from 34.129.24.18 (AU/Australia/Victoria/Melbourne/18.24.129.34.bc.googleusercontent.com).
show less
Port Scan
πͺπΈ
robotstxt
2026-06-14 12:12:33
(1 week ago)
34.129.24.18 - - [14/Jun/2026:12:12:29 +0000] "GET /mailer.zip HTTP/1.1" 404 146 "-" "Mozilla/5.0 (X ...
show more
34.129.24.18 - - [14/Jun/2026:12:12:29 +0000] "GET /mailer.zip HTTP/1.1" 404 146 "-" "Mozilla/5.0 (X11; Linux i686; rv:2.0.1) Gecko/20100101 Firefox/4.0.1" "-"
34.129.24.18 - - [14/Jun/2026:12:12:29 +0000] "GET /mail.zip HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Symbian/3; Series60/5.2 NokiaE7-00/010.016; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/525 (KHTML, like Gecko) Version/3.0 BrowserNG/7.2.7.3 3gpp-gba" "-"
34.129.24.18 - - [14/Jun/2026:12:12:32 +0000] "GET /mailer/sendgrid.js HTTP/1.1" 404 146 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/16D57" "-"
34.129.24.18 - - [14/Jun/2026:12:12:32 +0000] "GET /mailer/sendgrid.py HTTP/1.1" 404 178 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/60.0.3112.78 Chrome/60.0.3112.78 Safari/537.36" "-"
34.129.24.18 - - [14/Jun/2026:12:12:32 +0000] "GET /mail/sendgrid.py HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWe
...
show less
Bad Web Bot
π³π±
Savvii
2026-06-14 06:00:39
(1 week ago)
20 attempts against mh_ha-misbehave-ban on ec102967
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-06-14 05:08:54
(1 week ago)
Too many Status 40X (22)
Scanning/Probing (61)
Request Overload (437)
Brute-Force
Web App Attack
π³π±
wlt-blocker
2026-06-14 04:27:36
(1 week ago)
Unauthorized access to webpage admin
Web App Attack
π«π·
masterguru
2026-06-14 04:13:37
(1 week ago)
Restricted File Access Attempt. Matched phrase ".aws/" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
π¨π
zynex
2026-06-14 03:50:36
(1 week ago)
URL Probing: /api/database.php
Web App Attack