๐บ๐ธ
TPI-Abuse
2026-06-15 02:06:06
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 35.247.216.21 (21.216.247.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 35.247.216.21 (21.216.247.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:05:57.279497 2026] [security2:error] [pid 15736:tid 15736] [client 35.247.216.21:39436] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||cain2016.org|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cain2016.org"] [uri "/backup.sql"] [unique_id "ai9eBTpPuA-tgYVhe2qSIQAAAD8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
BlueWire Hosting
2026-06-15 01:25:06
(2 weeks ago)
Bad bot ignoring robot.txt
Bad Web Bot
๐ซ๐ท
Octopuce
2026-06-14 23:04:34
(2 weeks ago)
Aggressive web search of vulnerable pages: /secrets/gcp.json /secrets/aws.json /secrets/azure.json / ...
show more
Aggressive web search of vulnerable pages: /secrets/gcp.json /secrets/aws.json /secrets/azure.json /docker-compose.yml /docker-compose.dev.yml ...
show less
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-06-14 21:56:44
(2 weeks ago)
Blocked by CSF 13 firewall - Rule: US/United States/21.216.247.35.bc.googleusercontent.com
Web App Attack
๐ช๐ธ
robotstxt
2026-06-14 16:09:07
(2 weeks ago)
35.247.216.21 - - [14/Jun/2026:16:09:03 +0000] "GET /mailer.zip HTTP/1.1" 404 178 "-" "Mozilla/5.0 ( ...
show more
35.247.216.21 - - [14/Jun/2026:16:09:03 +0000] "GET /mailer.zip HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.26 Safari/537.36 Core/1.63.5977.400 LBBROWSER/10.1.3752.400" "-"
35.247.216.21 - - [14/Jun/2026:16:09:03 +0000] "GET /mail.zip HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
35.247.216.21 - - [14/Jun/2026:16:09:07 +0000] "GET /mailer/sendgrid.js HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Linux; Android 4.4.2; LGMS323 Build/KOT49I.MS32310b) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.103 Mobile Safari/537.36" "-"
35.247.216.21 - - [14/Jun/2026:16:09:07 +0000] "GET /mailer/sendgrid.py HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36" "-"
35.247.216.21 - - [14/Jun/2026:16:09:07 +0000] "GET /mail/sendgrid.py HTTP/1.1" 404 17
...
show less
Bad Web Bot
๐ฎ๐น
VHosting
2026-06-14 05:50:03
(2 weeks ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-06-14 05:30:49
(2 weeks ago)
Multiple WAF Violations
Web App Attack
๐ฌ๐ง
consul.to
2026-06-14 05:22:57
(2 weeks ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
mnsf
2026-06-14 04:08:05
(2 weeks ago)
Scanning/Probing (61)
Request Overload (427)
Brute-Force
Web App Attack
๐บ๐ธ
jormaster3k
2026-06-14 02:33:41
(2 weeks ago)
Attack against Apache (too many 404s)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 02:01:54
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 35.247.216.21 (21.216.247.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 35.247.216.21 (21.216.247.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 22:01:51.468024 2026] [security2:error] [pid 29220:tid 29220] [client 35.247.216.21:40730] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||midwayisland.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "midwayisland.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ai4Lj1kAQGVmk3wkW370FwAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack