πΊπΈ
Hazael
2026-07-03 19:31:30
(2 weeks ago)
SNOOPING - intended to probe for or exploit website vulnerabilities. From: Montreal, Canada - OVH SA ...
show more
SNOOPING - intended to probe for or exploit website vulnerabilities. From: Montreal, Canada - OVH SAS (AS16276 OVH SAS) - Agent: Mozilla/5.0 (compatible; Dataprovider.com)
show less
Web App Attack
π¦πΊ
Block Rockin' Beats
2026-06-21 01:40:02
(4 weeks ago)
Scanning for exploitable scripts
Hacking
Web App Attack
πΊπΈ
omc
2026-04-06 14:29:27
(3 months ago)
AH01797: Unauthorized file
Bad Web Bot
Anonymous
2026-02-08 12:03:55
(5 months ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
πͺπΈ
librebit
2026-02-01 11:20:17
(5 months ago)
Brute force
Brute-Force
πΊπΈ
TPI-Abuse
2026-01-17 01:22:31
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 149.56.150.217 (crawl-149-56-150-217.dataprovid ...
show more
(mod_security) mod_security (id:210730) triggered by 149.56.150.217 (crawl-149-56-150-217.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 20:22:25.364728 2026] [security2:error] [pid 10272:tid 10272] [client 149.56.150.217:49451] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.idodat.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.idodat.com"] [uri "/index.php.OLD"] [unique_id "aWrkUUcOQFirbR26WaAiewAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
librebit
2026-01-06 13:38:31
(6 months ago)
Brute force
Brute-Force
Anonymous
2025-12-13 00:22:02
(7 months ago)
Malicious activity detected
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-21 22:39:03
(7 months ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.217 (crawl-149-56-150-217.dataprovid ...
show more
(mod_security) mod_security (id:243420) triggered by 149.56.150.217 (crawl-149-56-150-217.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 21 17:38:55.762687 2025] [security2:error] [pid 5377:tid 5377] [client 149.56.150.217:35599] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.pswebsite.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.pswebsite.com"] [uri "/pswebsite/ProjectStartUp2/privacypolicy.htm"] [unique_id "aSDp_xEk5hpoSYupoJkcswAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
technojoe99
2025-10-26 04:26:42
(8 months ago)
Exploit scan from 149.56.150.217. GET /sitemap.xml HTTP/1.1.
Web App Attack
πΊπΈ
TPI-Abuse
2025-09-19 20:39:15
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 149.56.150.217 (crawl-149-56-150-217.dataprovid ...
show more
(mod_security) mod_security (id:210730) triggered by 149.56.150.217 (crawl-149-56-150-217.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 19 16:39:12.435572 2025] [security2:error] [pid 25002:tid 25002] [client 149.56.150.217:46541] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.chicagowca.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.chicagowca.com"] [uri "/[email protected] "] [unique_id "aM2_cOXmqTzRBHGrLhWGJwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π²πΎ
syokadmin
2025-09-05 16:49:21
(10 months ago)
149.56.150.217 (NL/The Netherlands/crawl-149-56-150-217.dataproviderbot.com), more than 2 Apache 403 ...
show more
149.56.150.217 (NL/The Netherlands/crawl-149-56-150-217.dataproviderbot.com), more than 2 Apache 403 hits in the last 3600 secs
show less
Brute-Force
Anonymous
2025-08-20 01:01:21
(10 months ago)
Excessive crawling/scraping
Hacking
Brute-Force
Anonymous
2025-08-16 05:57:12
(11 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
π¨π
backslash
2025-08-10 05:43:22
(11 months ago)
Bad Web Bot