๐ฉ๐ช
updown.io
2026-06-21 05:59:13
(2 weeks ago)
{"level":"info","ts":1782021552.7016547,"logger":"http.log.access.log1","msg":"handled request","req ...
show more
{"level":"info","ts":1782021552.7016547,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"51.75.128.153","remote_port":"48488","client_ip":"51.75.128.153","proto":"HTTP/2.0","method":"GET","host":"status.pensiontransfer.online","uri":"/aanmelden/Uitleg%20LEES%20MIJ.txt","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.3"],"Accept-Encoding":["gzip"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"status.pensiontransfer.online","ech":false}},"bytes_read":0,"user_id":"","duration":0.000165496,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}}
{"level":"info","ts":1782021552.7019174,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"51.75.128.153","remote_port":"48488","client_ip":"51.75.128.153","proto":"HTTP/2.0","method":"GET","host":"status.
...
show less
DDoS Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 13:43:21
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 09:43:16.351289 2026] [security2:error] [pid 3011:tid 3057] [client 51.75.128.153:56136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.el-designers.com.oplconnect.com"] [uri "/wp-admin/css/dhl/composer.json"] [unique_id "ajaY9B7i5nsB1bFAEuw2qwAAAIg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ญ๐ฐ
Harold Wong
2026-06-16 15:16:16
(3 weeks ago)
$f2bV_matches
Brute-Force
๐ง๐ช
cmbplf
2026-06-12 12:42:22
(3 weeks ago)
320 requests with url.path */composer.json
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-10 10:28:38
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 06:28:31.494960 2026] [security2:error] [pid 10905:tid 10905] [client 51.75.128.153:46444] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.centerofhopefl.com.tribecalledfamilypodcast.org"] [uri "/alipaycc/composer.json"] [unique_id "aik8T0wwVmbeuRPDqHV-LgAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-06-07 12:34:22
(1 month ago)
(modsecurity) srv101 ModSecurity 51.75.128.153 (FR/France/ns3131567.ip-51-75-128.eu): 10 in the last ...
show more
(modsecurity) srv101 ModSecurity 51.75.128.153 (FR/France/ns3131567.ip-51-75-128.eu): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ฌ๐ง
consul.to
2026-06-04 01:27:28
(1 month ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-31 23:16:50
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 19:16:46.081716 2026] [security2:error] [pid 13879:tid 13927] [client 51.75.128.153:42754] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "forestvalleyranch.com.trinketjar.com"] [uri "/cb/composer.json"] [unique_id "ahzBXlR4_XOIdTwTvJqbtgAAAVI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-30 20:56:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 16:56:13.905703 2026] [security2:error] [pid 20449:tid 20449] [client 51.75.128.153:41308] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cyber-matrix.org.ieas.org"] [uri "/dhenlen/composer.json"] [unique_id "ahtO7XJX2ytiBaUjU7oAGgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐พ
lns.bz
2026-05-29 23:50:40
(1 month ago)
Too many 404 requests [BY]
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-21 22:01:44
(1 month ago)
Auto-ban: >3000 req/min op 2026-05-21
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-21 10:09:46
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 06:09:39.136076 2026] [security2:error] [pid 29718:tid 29718] [client 51.75.128.153:59532] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mark-et-ing-1llc.com.nldi.us"] [uri "/millenniumbank/composer.json"] [unique_id "ag7Z45sD28fi9L7rLVfIdAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
EGP Abuse Dept
2026-05-20 05:35:55
(1 month ago)
Scanning for web/db/file exploits on dev-jtf-rijnmond.kansenvoorwest.nl.mach3test.com
SQL Injection
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-05-17 11:00:03
(1 month ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-17 04:02:26
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 51.75.128.153 (ns3131567.ip-51-75-128.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 17 00:02:21.239396 2026] [security2:error] [pid 11709:tid 11709] [client 51.75.128.153:41480] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.industrialovens.us.daveweisman.com"] [uri "/hle/composer.json"] [unique_id "agk9zcd9NRT24ktBUEZz0gAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack