Anonymous
2026-07-08 23:02:00
(2 days ago)
JSP Upload Bypass Attempt
Web App Attack
๐ง๐ท
SOC PR
2026-05-28 10:06:03
(1 month ago)
IPS: Apache Struts2 ParametersInterceptor Remote Command Execution.
Web App Attack
๐ง๐ท
megagengar
2026-05-15 12:07:00
(1 month ago)
Persistent and automated vulnerability scanning activity has been observed from this source, executi ...
show more
Persistent and automated vulnerability scanning activity has been observed from this source, executing repetitive Path Traversal and Local File Inclusion (LFI) attempts against our web server infrastructure. The attacker utilizes malformed URIs embedded with directory traversal sequences (e.g., //../../../../ and encoded backslashes) explicitly targeting standard Windows system configuration files such as win.ini. The malicious traffic spans a multi-week period with identical payloads, which is highly characteristic of an automated botnet or aggressive vulnerability scanner probing for unpatched directory traversal vulnerabilities.
show less
Port Scan
Bad Web Bot
Web App Attack
๐ง๐ท
ICS Labs
2026-05-12 00:45:07
(1 month ago)
ICS Labs identified 146.235.35.124 as a malicious indicator from threat intelligence.
Hacking
๐จ๐ญ
backslash
2026-04-20 21:30:05
(2 months ago)
DDoS Attack
Anonymous
2026-04-10 05:54:08
(3 months ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐ง๐ท
ufn.edu.br
2026-04-06 10:21:11
(3 months ago)
[Mon Apr 06 07:21:10.696099 2026] [:error] [pid 15091] [client 146.235.35.124] ModSecurity: Access d ...
show more
[Mon Apr 06 07:21:10.696099 2026] [:error] [pid 15091] [client 146.235.35.124] ModSecurity: Access denied with code 400 (phase 2). Match of "eq 0" against "REQBODY_ERROR" required. [file "/etc/modsecurity/modsecurity.conf"] [line "54"] [id "200001"] [msg "Failed to parse request body."] [data "Multipart parsing error: Multipart: Nul byte in part headers."] [severity "CRITICAL"] [hostname "ws12vmsma01.ufn.edu.br"] [uri "/"] [unique_id "adOJFn8AAAEAADrzYakAAAAC"]
...
show less
DDoS Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-05 06:43:35
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 146.235.35.124 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 146.235.35.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 05 01:43:27.083966 2025] [security2:error] [pid 12532:tid 12532] [client 146.235.35.124:63320] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||cnprcertificationreviews.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cnprcertificationreviews.org"] [uri "/instagram.com"] [unique_id "aQryD6GH389h8a_PQLvESgAAAAU"], referer: https://cnprcertificationreviews.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
nitrix
2025-09-07 00:14:18
(10 months ago)
ZMap scanning detected
Port Scan
Hacking
๐ฉ๐ช
Packets-Decreaser.NET
2025-05-16 21:14:50
(1 year ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐บ๐ธ
TPI-Abuse
2025-05-09 11:56:14
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 146.235.35.124 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 146.235.35.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 09 07:56:06.092055 2025] [security2:error] [pid 3274588:tid 3274588] [client 146.235.35.124:24518] [client 146.235.35.124] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||cnprcertificationreviews.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cnprcertificationreviews.org"] [uri "/twitter.com"] [unique_id "aB3tVgvBGlYW-JvWcunNIAAAAA0"], referer: https://cnprcertificationreviews.org/
show less
Brute-Force
Bad Web Bot
Web App Attack