๐ต๐พ
armandosaucedo.me
2026-06-24 07:26:07
(4 days ago)
Threat Intelligence via ARMTI, Web Attack: GET /sitemap.xml
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-16 11:15:13
(1 month ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataprovid ...
show more
(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 07:15:05.710218 2026] [security2:error] [pid 26060:tid 26060] [client 149.56.150.145:45551] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6649"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.lakewoodranchhairsalon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.lakewoodranchhairsalon.com"] [uri "/team.php"] [unique_id "aghRuc0m77R1eKeTT1f-YQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-30 18:24:05
(4 months ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataprovid ...
show more
(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 30 13:24:02.205049 2026] [security2:error] [pid 10775:tid 10775] [client 149.56.150.145:48971] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.captainquirks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.captainquirks.com"] [uri "/contact/contact.php"] [unique_id "aXz3Qur1taWIUHQBZBFZ0wAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-01-26 02:35:06
(5 months ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-01-14 15:47:44
(5 months ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataprovid ...
show more
(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 10:47:39.356679 2026] [security2:error] [pid 10586:tid 10586] [client 149.56.150.145:34253] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.fatlandtheplay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.fatlandtheplay.com"] [uri "/guestbook.htm"] [unique_id "aWe6m9w3Qq3ESWthY11_igAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
AvonleaConsulting
2026-01-01 20:57:04
(5 months ago)
Scanning unused Default website or suspicious access to valid sites from IP marked as abusive
Bad Web Bot
Web App Attack
Anonymous
2025-12-30 14:12:23
(5 months ago)
(apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovid ...
show more
(apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovider.com)] from 149.56.150.145 (NL/The Netherlands/crawl-149-56-150-145.dataproviderbot.com): 5 in the last 300 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 149.56.150.145 - - [30/Dec/2025:15:12:01 +0100] "GET / HTTP/1.1" 301 535 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.145 - - [30/Dec/2025:15:12:02 +0100] "GET / HTTP/1.1" 200 442584 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.145 - - [30/Dec/2025:15:12:08 +0100] "GET /robots.txt HTTP/1.1" 200 929 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.145 - - [30/Dec/2025:15:12:11 +0100] "GET /sitemap.xml HTTP/1.1" 200 2721 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.145 - - [30/Dec/2025:15:12:15 +0100] "GET / HTTP/1.1" 200 439348 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2025-12-29 07:30:19
(5 months ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataprovid ...
show more
(mod_security) mod_security (id:243420) triggered by 149.56.150.145 (crawl-149-56-150-145.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 02:30:15.292233 2025] [security2:error] [pid 25504:tid 25504] [client 149.56.150.145:45249] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.sangalgano.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.sangalgano.info"] [uri "/privacy_utilizzo_cookie_it.html"] [unique_id "aVIuB-fj0HmF0Inio4LnTQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
Shaik Sai Meera
2025-12-28 18:20:13
(6 months ago)
IM360 WAF: Hidden file access
Brute-Force
๐ณ๐ฑ
i-turnradio.nl
2025-12-07 08:51:52
(6 months ago)
2025-12-07 @ 09:51:52 (CET) ~ Blocked based on risk assessment and prior abuse reports
Web App Attack
Anonymous
2025-11-24 19:35:43
(7 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
Rocky Mountain Bioengineering Symposium
2025-11-20 13:24:20
(7 months ago)
[Thu Nov 20 06:24:20.105545 2025] [authz_core:error] [pid 1436165:tid 140332821902912] [client 149.5 ...
show more
[Thu Nov 20 06:24:20.105545 2025] [authz_core:error] [pid 1436165:tid 140332821902912] [client 149.56.150.145:48641] AH01630: client denied by server configuration: /var/www/public_html/symposium/
[Thu Nov 20 06:24:20.108709 2025] [authz_core:error] [pid 1436165:tid 140332821902912] [client 149.56.150.145:48641] AH01630: client denied by server configuration: /var/www/public_rsrc/assets/RMBS-Server-Error.html
[Thu Nov 20 06:24:20.339512 2025] [authz_core:error] [pid 1436165:tid 140333920712256] [client 149.56.150.145:47621] AH01630: client denied by server configuration: /var/www/public_html/symposium/
...
show less
Bad Web Bot
Anonymous
2025-09-04 11:14:28
(9 months ago)
149.56.150.145 - sliver85.eu - [04/Sep/2025:13:14:27 +0200] "GET / HTTP/1.1" 444 "Mozilla/5.0 (compa ...
show more
149.56.150.145 - sliver85.eu - [04/Sep/2025:13:14:27 +0200] "GET / HTTP/1.1" 444 "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.145 - sliver85.eu - [04/Sep/2025:13:14:27 +0200] "GET / HTTP/1.1" 444 "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.145 - sliver85.eu - [04/Sep/2025:13:14:27 +0200] "GET / HTTP/1.1" 444 "Mozilla/5.0 (compatible; Dataprovider.com)"
...
show less
Brute-Force
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-08-27 22:25:56
(10 months ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/149.56.150.145
2025-08 ...
show more
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/149.56.150.145
2025-08-27 01:14:37 /bg-button.png
2025-08-27 01:14:36 /asf-logo-wide.svg
2025-08-27 01:14:37 /bg-upper.png
2025-08-27 01:14:37 /bg-middle.png
show less
Web App Attack
Anonymous
2025-08-11 10:37:55
(10 months ago)
(apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovid ...
show more
(apache-useragents) Failed apache-useragents trigger with match [Mozilla/5.0 (compatible; Dataprovider.com)] from 149.56.150.145 (NL/The Netherlands/crawl-149-56-150-145.dataproviderbot.com): 5 in the last 300 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 149.56.150.145 - - [11/Aug/2025:12:37:26 +0200] "GET / HTTP/1.1" 301 350 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.145 - - [11/Aug/2025:12:37:29 +0200] "GET / HTTP/1.1" 200 413708 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.145 - - [11/Aug/2025:12:37:34 +0200] "GET /robots.txt HTTP/1.1" 200 929 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.145 - - [11/Aug/2025:12:37:43 +0200] "GET / HTTP/1.1" 200 411149 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.145 - - [11/Aug/2025:12:37:48 +0200] "GET /sitemap.xml HTTP/1.1" 302 922 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
show less
Port Scan