π³π±
Cloud86 B.V.
2026-06-14 23:13:07
(35 minutes ago)
categories: DDoS Attack
DDoS Attack
πΊπΈ
TPI-Abuse
2026-06-14 22:03:22
(1 hour ago)
(mod_security) mod_security (id:210831) triggered by 35.243.104.82 (82.104.243.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210831) triggered by 35.243.104.82 (82.104.243.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 18:03:15.529166 2026] [security2:error] [pid 31284:tid 31284] [client 35.243.104.82:60132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||alccontractorsllc.com|F|4"] [data "grub-client"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "alccontractorsllc.com"] [uri "/env"] [unique_id "ai8lI-L5nj7MusVwzwc4bQAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Savvii
2026-06-14 21:56:54
(1 hour ago)
90 attempts against mh-misbehave-ban on wheat
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
robotstxt
2026-06-14 17:55:36
(5 hours ago)
35.243.104.82 - - [14/Jun/2026:17:55:30 +0000] "GET /mail.zip HTTP/1.1" 404 146 "-" "SonyEricssonT61 ...
show more
35.243.104.82 - - [14/Jun/2026:17:55:30 +0000] "GET /mail.zip HTTP/1.1" 404 146 "-" "SonyEricssonT610/R201 Profile/MIDP-1.0 Configuration/CLDC-1.0" "-"
35.243.104.82 - - [14/Jun/2026:17:55:30 +0000] "GET /mailer.zip HTTP/1.1" 404 180 "-" "Mozilla/5.0 (Linux; Android 9; ONEPLUS A6010) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36" "-"
35.243.104.82 - - [14/Jun/2026:17:55:35 +0000] "GET /mailer/sendgrid.js HTTP/1.1" 404 180 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.35 Safari/537.36" "-"
35.243.104.82 - - [14/Jun/2026:17:55:35 +0000] "GET /mailer/sendgrid.py HTTP/1.1" 404 146 "-" "Mozilla/5.0 (X11; U; Linux x86_64; us; rv:1.9.1.19) Gecko/20110430 shadowfox/7.0 (like Firefox/7.0" "-"
35.243.104.82 - - [14/Jun/2026:17:55:35 +0000] "GET /mail/sendgrid.py HTTP/1.1" 404 146 "-" "Mozilla/5.0 (Linux; U; Android 3.0; en-us; Xoom Build/HRI39) AppleWebKit/525.10 (KHTML, like Gecko) Version/3.0.4 Mobile Safari/523
...
show less
Bad Web Bot
πΈπͺ
Juha Jurvanen
2026-06-14 15:50:02
(7 hours ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
π§πΎ
lns.bz
2026-06-14 12:02:05
(11 hours ago)
.env scanning [BY]
Web App Attack
πΊπΈ
stvnrdg.me
2026-06-14 10:59:08
(12 hours ago)
35.243.104.82 - - [14/Jun/2026:10:59:08 +0000] "GET /phpinfo.php HTTP/1.1" 404 4122 "-" "Mozilla/5.0 ...
show more
35.243.104.82 - - [14/Jun/2026:10:59:08 +0000] "GET /phpinfo.php HTTP/1.1" 404 4122 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) AppleWebKit/531.21.8 (KHTML, like Gecko) Version/4.0.4 Safari/531.21.10"
...
show less
Hacking
π©πͺ
EGP Abuse Dept
2026-06-14 06:22:59
(17 hours ago)
Scanning for web/db/file exploits on products.wirelessvalue.nl
SQL Injection
Bad Web Bot
Web App Attack
π¨π
backslash
2026-06-14 05:06:03
(18 hours ago)
block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68
Bad Web Bot
π¨π
4server
2026-06-14 04:46:40
(19 hours ago)
[SunJun1406:46:32.9500632026][security2:error][pid487919:tid488141][client35.243.104.82:0]ModSecurit ...
show more
[SunJun1406:46:32.9500632026][security2:error][pid487919:tid488141][client35.243.104.82:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"executivekotech.it\"][uri\"/actuator/threaddump\"][unique_id\"ai4yKC1-iP0a1IEQeRvNlwAAAEo\"]
show less
Hacking
Web App Attack
πΊπΈ
Matthew Ping
2026-06-14 03:00:09
(20 hours ago)
ModSecurity rule 949110 triggered on wp1. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
πΊπΈ
TPI-Abuse
2026-06-14 01:59:02
(21 hours ago)
(mod_security) mod_security (id:210730) triggered by 35.243.104.82 (82.104.243.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 35.243.104.82 (82.104.243.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 21:58:54.867174 2026] [security2:error] [pid 3509:tid 3509] [client 35.243.104.82:55614] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pdonato.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pdonato.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai4K3gaYKwsMP-2pCUbnbgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack