๐ณ๐ฑ
homeshowdomain.nl
2026-06-27 22:01:34
(2 days ago)
Auto-ban: 257 malicious requests on 2026-06-26 (e.g., env/backup probes, brute-force, or error burst ...
show more
Auto-ban: 257 malicious requests on 2026-06-26 (e.g., env/backup probes, brute-force, or error bursts).
show less
Web App Attack
SSH
Hacking
๐ฎ๐ฉ
rafli
2026-06-26 02:44:37
(4 days ago)
{"level":"info","ts":1782441876.5454247,"logger":"http.log.access.log2","msg":"handled request","req ...
show more
{"level":"info","ts":1782441876.5454247,"logger":"http.log.access.log2","msg":"handled request","request":{"remote_ip":"35.232.167.34","remote_port":"33792","client_ip":"35.232.167.34","proto":"HTTP/1.1","method":"GET","host":"evolution-api.oncall.id","uri":"/app/heapdump","headers":{"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.11) Gecko/2009060309 Ubuntu/9.10 (karmic) Firefox/3.0.11"],"Accept-Charset":["utf-8"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"evolution-api.oncall.id","ech":false}},"bytes_read":0,"user_id":"","duration":0.011057301,"size":86,"status":404,"resp_headers":{"Via":["1.1 Caddy"],"X-Powered-By":["Express"],"Content-Length":["86"],"Etag":["W/\"56-lkawIR632M8dvmU0kLW9ydoDym8\""],"X-Content-Type-Options":["nosniff"],"Permissions-Policy":["accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()"],"Referrer-P
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 02:30:35
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 35.232.167.34 (34.167.232.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 35.232.167.34 (34.167.232.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 22:30:29.921478 2026] [security2:error] [pid 4816:tid 4816] [client 35.232.167.34:42762] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bencramer.net|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bencramer.net"] [uri "/.config/gcloud/credentials.db"] [unique_id "aj3kRYbrCIKFvlwdEedjmAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
COMAITE
2026-06-26 02:30:11
(4 days ago)
Suspicious URL access.
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-26 00:23:18
(4 days ago)
Excessive 404/403 errors
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-25 23:38:22
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 35.232.167.34 (34.167.232.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 35.232.167.34 (34.167.232.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 19:38:17.165289 2026] [security2:error] [pid 30183:tid 30183] [client 35.232.167.34:59468] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/config.yml" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.crescentcitycafe.org"] [uri "/config/config.yml"] [unique_id "aj276VRSXIw_AetE7wuOMwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
SysAdmin Dylan
2026-06-25 22:54:18
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 35.232.167.34 (US/United States/34.167.232.35.b ...
show more
(mod_security) mod_security (id:210730) triggered by 35.232.167.34 (US/United States/34.167.232.35.bc.googleusercontent.com): 10 in the last 3600 secs
show less
Brute-Force
๐ฌ๐ง
consul.to
2026-06-25 22:42:25
(4 days ago)
Web attack/malicious scanning detected
Web App Attack
๐ฌ๐ง
OptimusGO
2026-06-25 18:18:06
(4 days ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-06-25 19:18:06 UTC
Log evidence:
06/25/2026-19:18:06.513626 [**] [1:1000020:1] DOS SYN Flood Attack Detected [**] [Classification: Attempted Denial of Service] [Priority: 1] {TCP} 35.232.167.34:57062 -> 185.127.18.66:443
06/25/2026-19:18:06.507779 [**] [1:1000020:1] DOS SYN Flood Attack Detected [**] [Classification: Attempted Denial of Service] [Priority: 1] {TCP} 35.232.167.34:57060 -> 185.127.18.66:443
show less
Port Scan
Brute-Force
๐ฉ๐ช
Savvii
2026-06-25 18:00:21
(4 days ago)
20 attempts against mh_ha-misbehave-ban on radon
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐พ
lns.bz
2026-06-25 15:42:54
(4 days ago)
.env scanning [BY]
Web App Attack
๐ฉ๐ช
Hazzard
2026-06-25 14:17:16
(4 days ago)
*Port Scan* detected from 35.232.167.34 (US/United States/Iowa/Council Bluffs/34.167.232.35.bc.googl ...
show more
*Port Scan* detected from 35.232.167.34 (US/United States/Iowa/Council Bluffs/34.167.232.35.bc.googleusercontent.com/[redacted]).
show less
Port Scan
๐ซ๐ท
dynamix
2026-06-25 13:36:51
(4 days ago)
Multiple WAF Violations
Web App Attack
Anonymous
2026-06-25 13:01:29
(4 days ago)
Probing\(5\) HTTP Ports
...
Bad Web Bot
Web App Attack