Anonymous
2026-07-16 01:58:59
(3 days ago)
Bad Web Bot
Anonymous
2026-07-05 18:47:24
(1 week ago)
Bad Web Bot
๐ฉ๐ช
grassau.com
2026-07-03 04:15:22
(2 weeks ago)
*Port Scan* detected from 95.217.204.18 (FI/Finland/Uusimaa/Helsinki/static.18.204.217.95.clients.yo ...
show more
*Port Scan* detected from 95.217.204.18 (FI/Finland/Uusimaa/Helsinki/static.18.204.217.95.clients.your-server.de).
show less
Port Scan
๐ฉ๐ช
conseilgouz
2026-07-02 05:22:01
(2 weeks ago)
law-Joomla User : try to access forms...
Hacking
Anonymous
2026-07-01 20:12:07
(2 weeks ago)
Suspicious activity detected in web server access logs
Web App Attack
๐ฌ๐ง
Oakley
2026-07-01 17:39:30
(2 weeks ago)
(antiscrape_rule) Web application abuse detected 95.217.204.18 (FI/Finland/static.18.204.217.95.clie ...
show more
(antiscrape_rule) Web application abuse detected 95.217.204.18 (FI/Finland/static.18.204.217.95.clients.your-server.de): 5 in the last 900 secs
show less
Hacking
๐ฉ๐ช
conseilgouz
2026-07-01 06:48:27
(2 weeks ago)
slw-(visforms) : try to access forms...
Hacking
Anonymous
2026-06-30 16:20:58
(2 weeks ago)
XSS Attempt
Hacking
๐บ๐ธ
cyfordtechnologies.com
2026-06-23 11:47:23
(3 weeks ago)
Non-human high traffic: 12/7 : Reported by Cyford API
DDoS Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 16:50:48
(3 weeks ago)
(mod_security) mod_security (id:217210) triggered by 95.217.204.18 (static.18.204.217.95.clients.you ...
show more
(mod_security) mod_security (id:217210) triggered by 95.217.204.18 (static.18.204.217.95.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 12:50:43.317093 2026] [security2:error] [pid 10615:tid 10615] [client 95.217.204.18:40854] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./]*(?::\\\\d+)?)?/[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?|options \\\\*)\\\\s+[\\\\w\\\\./]+|get /[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line||a-absoluteseptic.com|F|4"] [data "GET ?C=S;O=A HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "a-absoluteseptic.com"] [uri "/"] [unique_id "ajln42FvQJ-S98JON3CE8wAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 02:33:33
(3 weeks ago)
(mod_security) mod_security (id:217210) triggered by 95.217.204.18 (static.18.204.217.95.clients.you ...
show more
(mod_security) mod_security (id:217210) triggered by 95.217.204.18 (static.18.204.217.95.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 22:33:26.197681 2026] [security2:error] [pid 19323:tid 19323] [client 95.217.204.18:47912] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./]*(?::\\\\d+)?)?/[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?|options \\\\*)\\\\s+[\\\\w\\\\./]+|get /[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line||333w88.com|F|4"] [data "GET ?C=S;O=A HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "333w88.com"] [uri "/"] [unique_id "ajie9iPwI-Pp8oxOFg6y6wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 22:14:58
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 95.217.204.18 (static.18.204.217.95.clients.you ...
show more
(mod_security) mod_security (id:210730) triggered by 95.217.204.18 (static.18.204.217.95.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 18:14:53.655309 2026] [security2:error] [pid 408:tid 408] [client 95.217.204.18:47246] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||phantomkennels.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "phantomkennels.com"] [uri "/[email protected] "] [unique_id "ajRt3ZyTMdHZx4NYeT9lHgAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 20:08:15
(1 month ago)
(mod_security) mod_security (id:217210) triggered by 95.217.204.18 (static.18.204.217.95.clients.you ...
show more
(mod_security) mod_security (id:217210) triggered by 95.217.204.18 (static.18.204.217.95.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 16:08:08.265565 2026] [security2:error] [pid 6886:tid 6886] [client 95.217.204.18:34798] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./]*(?::\\\\d+)?)?/[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?|options \\\\*)\\\\s+[\\\\w\\\\./]+|get /[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line||grasslakepizzatime.com|F|4"] [data "GET ?C=S;O=A HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "grasslakepizzatime.com"] [uri "/"] [unique_id "ajRQKJhA_D9u__TXL6eWVQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Phenix Info
2026-06-14 03:18:43
(1 month ago)
SmallGuard.fr/Prestashop Massive 403
Web App Attack
๐ฌ๐ง
Nick Lewis
2026-06-14 02:07:07
(1 month ago)
(mod_security) mod_security triggered on hostname [redacted] 95.217.204.18 (FI/Finland/static.18.204 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 95.217.204.18 (FI/Finland/static.18.204.217.95.clients.your-server.de)
show less
SQL Injection