๐บ๐ธ
TPI-Abuse
2026-07-10 13:01:14
(10 hours ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.110 (crawl-149-56-150-110.dataprovid ...
show more
(mod_security) mod_security (id:243420) triggered by 149.56.150.110 (crawl-149-56-150-110.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 09:01:08.117465 2026] [security2:error] [pid 27186:tid 27186] [client 149.56.150.110:42677] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.timberwolf-construction.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.timberwolf-construction.com"] [uri "/Church%20ideas/Church%20Web%20Revised/contact.html"] [unique_id "alDtFMphPeZgPvye8yoiRgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ท
setupgr
2026-06-24 14:14:56
(2 weeks ago)
(mod_security) mod_security (id:11000011) triggered by 149.56.150.110 (NL/The Netherlands/Groningen/ ...
show more
(mod_security) mod_security (id:11000011) triggered by 149.56.150.110 (NL/The Netherlands/Groningen/Groningen (Oosterpoortwijk)/-/[AS16276 OVH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 24 17:14:55.496010 2026] [security2:error] [pid 42676:tid 42822] [client 149.56.150.110:46381] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "dataproviderbot.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "131"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: crawl-149-56-150-110.dataproviderbot.com"] [severity "CRITICAL"] [hostname "www.babis.photo"] [uri "/"] [unique_id "ajvmX63toL4xD3LIimww_wAAAFQ"]
show less
Port Scan
๐บ๐ธ
cwytech
2026-06-09 13:35:12
(1 month ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/tpot-web-high.
Bad Web Bot
Web App Attack
๐ฌ๐ง
gurnip
2026-06-07 13:30:06
(1 month ago)
Vulnerability probe of page /.well-known/security.txt, not found on server.
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-05-28 00:04:32
(1 month ago)
WordPress directory enumeration
Web App Attack
๐ฐ๐ท
Seung Seog Han
2026-05-23 18:12:29
(1 month ago)
Brute-force attack detected
Brute-Force
SSH
๐ฉ๐ช
Skyrider
2026-05-01 19:59:33
(2 months ago)
149.56.150.110 - - [01/May/2026:21:58:46 +0200] "GET /faq/ HTTP/2.0" 403 12173 "-" "Mozilla/5.0 (com ...
show more
149.56.150.110 - - [01/May/2026:21:58:46 +0200] "GET /faq/ HTTP/2.0" 403 12173 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.110 - - [01/May/2026:21:59:25 +0200] "GET /ads.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.110 - - [01/May/2026:21:59:29 +0200] "GET /llms.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.110 - - [01/May/2026:21:59:31 +0200] "GET /humans.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.110 - - [01/May/2026:21:59:32 +0200] "GET /security.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
show less
Bad Web Bot
Web App Attack
๐ช๐ธ
librebit
2026-02-06 18:23:22
(5 months ago)
Brute force
Brute-Force
Anonymous
2026-01-25 22:40:41
(5 months ago)
(apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovid ...
show more
(apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovider.com)] from 149.56.150.110 (NL/The Netherlands/crawl-149-56-150-110.dataproviderbot.com): 5 in the last 300 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 149.56.150.110 - - [25/Jan/2026:23:40:30 +0100] "GET / HTTP/1.1" 301 527 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.110 - - [25/Jan/2026:23:40:30 +0100] "GET / HTTP/1.1" 200 158948 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.110 - - [25/Jan/2026:23:40:34 +0100] "GET /robots.txt HTTP/1.1" 200 1577 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.110 - - [25/Jan/2026:23:40:35 +0100] "GET /sitemap_index.xml HTTP/1.1" 200 2098 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.110 - - [25/Jan/2026:23:40:37 +0100] "GET / HTTP/1.1" 200 156508 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
show less
Port Scan
๐ซ๐ท
masterguru
2026-01-18 14:27:59
(5 months ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)
Hacking
Web App Attack
๐ซ๐ฎ
Shaik Sai Meera
2025-11-29 08:20:10
(7 months ago)
IM360 WAF: Request indicates a Headless browser
Brute-Force
Web App Attack
๐จ๐ญ
backslash
2025-11-07 21:50:06
(8 months ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-09-17 15:31:21
(9 months ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.110 (crawl-149-56-150-110.dataprovid ...
show more
(mod_security) mod_security (id:243420) triggered by 149.56.150.110 (crawl-149-56-150-110.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 17 11:31:15.724810 2025] [security2:error] [pid 21223:tid 21223] [client 149.56.150.110:51863] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.medioskreativos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.medioskreativos.com"] [uri "/soluciones"] [unique_id "aMrUQ0ra_dUhYTPmkDO1wgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-20 06:47:52
(10 months ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.110 (crawl-149-56-150-110.dataprovid ...
show more
(mod_security) mod_security (id:243420) triggered by 149.56.150.110 (crawl-149-56-150-110.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 20 02:47:48.537590 2025] [security2:error] [pid 18838:tid 18838] [client 149.56.150.110:48441] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.fitzcosound.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.fitzcosound.com"] [uri "/lrates.html"] [unique_id "aKVvlFzVeCJEPOkJZL8UgQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2025-08-02 03:45:11
(11 months ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot