๐ณ๐ฑ
Site.eu
2026-06-09 02:30:26
(3 weeks ago)
Excessive multi-domain requests
Brute-Force
๐ณ๐ฑ
homeshowdomain.nl
2026-06-08 21:59:35
(3 weeks ago)
Auto-ban: >3000 req/min op 2026-06-08
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-08 17:06:52
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 35.195.73.245 (245.73.195.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 35.195.73.245 (245.73.195.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 13:06:47.007470 2026] [security2:error] [pid 22570:tid 22570] [client 35.195.73.245:48240] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||cyclelytz.com.indie100.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cyclelytz.com.indie100.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aib2pwcDC4MwwwSi-Sd1WwAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-08 15:03:34
(3 weeks ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐ซ๐ท
masterguru
2026-06-08 14:26:08
(3 weeks ago)
BAD BOT - Detected and Blocked.. Matched phrase "YaBrowser" at REQUEST_HEADERS:User-Agent. (1100000- ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "YaBrowser" at REQUEST_HEADERS:User-Agent. (1100000-201)
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-08 11:45:13
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 35.195.73.245 (245.73.195.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 35.195.73.245 (245.73.195.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 07:45:06.236827 2026] [security2:error] [pid 16875:tid 16875] [client 35.195.73.245:60414] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.warriorspringranch.soviaenterprises.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.warriorspringranch.soviaenterprises.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aiarQmDxihz6J94L2NGS0AAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-06-08 10:15:24
(3 weeks ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐บ๐ธ
mnsf
2026-06-08 09:08:49
(3 weeks ago)
Scanning/Probing (61)
Request Overload (383)
Brute-Force
Web App Attack
๐ฌ๐ง
consul.to
2026-06-08 06:44:04
(3 weeks ago)
Web attack/malicious scanning detected
Web App Attack
๐ฉ๐ช
updown.io
2026-06-08 04:50:46
(3 weeks ago)
{"level":"info","ts":1780894245.183515,"logger":"http.log.access.log1","msg":"handled request","requ ...
show more
{"level":"info","ts":1780894245.183515,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"35.195.73.245","remote_port":"43466","client_ip":"35.195.73.245","proto":"HTTP/1.1","method":"GET","host":"status.casartusi.it","uri":"/logfile","headers":{"Connection":["close"],"User-Agent":["Mozilla/5.0 (Linux; Android 9; G8341) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36"],"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.casartusi.it","ech":false}},"bytes_read":0,"user_id":"","duration":0.000086223,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}}
{"level":"info","ts":1780894245.2476282,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"35.195.73.245","remote_port":"43470","client_ip":"35.195.73.245","proto":"HTTP/1.1","method":"GET","host"
...
show less
DDoS Attack
Web App Attack
๐ฉ๐ช
EGP Abuse Dept
2026-06-08 04:39:40
(3 weeks ago)
Scanning for web/db/file exploits on www.hob-beheer.nl
SQL Injection
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 03:55:05
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 35.195.73.245 (245.73.195.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 35.195.73.245 (245.73.195.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 23:54:55.864009 2026] [security2:error] [pid 2597:tid 2597] [client 35.195.73.245:39830] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||grupo-visalud.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "grupo-visalud.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aiY9D2LaujBFY2P7Dn2_YAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-08 03:02:59
(3 weeks ago)
(caddyscan) Scanner path probe from 35.195.73.245 (BE/Belgium/245.73.195.35.bc.googleusercontent.com ...
show more
(caddyscan) Scanner path probe from 35.195.73.245 (BE/Belgium/245.73.195.35.bc.googleusercontent.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 35.195.73.245 - - [08/Jun/2026:03:02:54 +0000] "GET /actuator/sessions HTTP/1.1"
[REDACTED] 200 2627 35.195.73.245 - - [08/Jun/2026:03:02:54 +0000] "GET /actuator/dump HTTP/1.1"
[REDACTED] 200 2627 35.195.73.245 - - [08/Jun/2026:03:02:54 +0000] "GET /v1/actuator/env HTTP/1.1"
[REDACTED] 200 2627 35.195.73.245 - - [08/Jun/2026:03:02:54 +0000] "GET /actuator/auditevents HTTP/1.1"
[REDACTED] 200 2627 35.195.73.245 - - [08/Jun/2026:03:02:54 +0000] "GET /actuator/heapdump HTTP/1.1"
show less
Port Scan
๐ฎ๐น
VHosting
2026-06-08 02:30:04
(3 weeks ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 00:54:04
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 35.195.73.245 (245.73.195.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 35.195.73.245 (245.73.195.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 20:53:57.930100 2026] [security2:error] [pid 30716:tid 30716] [client 35.195.73.245:42244] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.m.bluegrassexpressband.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.m.bluegrassexpressband.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "aiYSpaCkBSz4hcoaiRxhzQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack