๐บ๐ธ
TPI-Abuse
2026-05-18 03:22:15
(1 month ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.82 (crawl-149-56-150-82.dataprovider ...
show more
(mod_security) mod_security (id:243420) triggered by 149.56.150.82 (crawl-149-56-150-82.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 17 23:22:11.048654 2026] [security2:error] [pid 3679:tid 3679] [client 149.56.150.82:52599] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.medioskreativos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.medioskreativos.com"] [uri "/soluciones"] [unique_id "agqF41nJ1tP2FA7YNDx2eQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Starburst SysOp Team
2026-03-03 09:30:01
(4 months ago)
Malware host (X-Forwarded-For) detected by rbl.malware.expert. RBL lookup of 82.150.56.149.rbl.malwa ...
show more
Malware host (X-Forwarded-For) detected by rbl.malware.expert. RBL lookup of 82.150.56.149.rbl.malware.expert succeeded at REQUEST_HEADERS:x-forwarded-for. (1001000-nue6-2)
show less
Hacking
๐ฉ๐ช
Viveronese
2026-01-27 04:08:22
(5 months ago)
HTTP vulnerability scanning
Web App Attack
๐บ๐ธ
Rocky Mountain Bioengineering Symposium
2025-12-27 08:17:07
(6 months ago)
[Sat Dec 27 01:17:06.281298 2025] [authz_core:error] [pid 268862:tid 140411087558208] [client 149.56 ...
show more
[Sat Dec 27 01:17:06.281298 2025] [authz_core:error] [pid 268862:tid 140411087558208] [client 149.56.150.82:34207] AH01630: client denied by server configuration: /var/www/public_html/www/
[Sat Dec 27 01:17:06.286688 2025] [authz_core:error] [pid 268862:tid 140411087558208] [client 149.56.150.82:34207] AH01630: client denied by server configuration: /var/www/public_rsrc/assets/RMBS-Server-Error.html
[Sat Dec 27 01:17:06.603227 2025] [authz_core:error] [pid 268862:tid 140411062380096] [client 149.56.150.82:58279] AH01630: client denied by server configuration: /var/www/public_html/www/
...
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-12-17 05:00:24
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 149.56.150.82 (crawl-149-56-150-82.dataprovider ...
show more
(mod_security) mod_security (id:210730) triggered by 149.56.150.82 (crawl-149-56-150-82.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 17 00:00:20.097963 2025] [security2:error] [pid 19871:tid 19871] [client 149.56.150.82:54189] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.idodat.com|F|2"] [data ".php.old"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.idodat.com"] [uri "/index.php.OLD"] [unique_id "aUI45IfyCbsWMFsHusBAfwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
ketovoila.pl
2025-11-18 23:29:27
(7 months ago)
ketovoila.pl HONEYPOT traffic: count=19, paths=15; sample_path=www.ketovoila.pl/; UA=Mozilla/5.0 (co ...
show more
ketovoila.pl HONEYPOT traffic: count=19, paths=15; sample_path=www.ketovoila.pl/; UA=Mozilla/5.0 (compatible; Dataprovider.com); window=2025-11-18T19:48:16Z..2025-11-18T19:48:06Z
show less
Port Scan
Hacking
Brute-Force
๐ต๐ฑ
ketovoila.pl
2025-11-18 20:10:00
(7 months ago)
Aggressive scraping from Dataprovider.com bot, ignoring site policies and crawling unnecessary endpo ...
show more
Aggressive scraping from Dataprovider.com bot, ignoring site policies and crawling unnecessary endpoints.
show less
Bad Web Bot
๐จ๐ญ
backslash
2025-10-04 00:05:18
(9 months ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
Anonymous
2025-09-16 10:52:02
(9 months ago)
Excessive crawling/scraping
Hacking
Brute-Force
Anonymous
2025-09-15 13:08:45
(9 months ago)
Attempt to access forbidden file or directory.
Bad Web Bot
Web App Attack
๐ซ๐ท
IRISIO
2025-09-11 07:01:28
(9 months ago)
scans/SQL injection/spam posts : 20 queries
SQL Injection
Web App Attack
๐จ๐ญ
backslash
2025-08-10 05:43:33
(10 months ago)
Bad Web Bot
Anonymous
2025-06-14 02:15:15
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-06-01 22:48:16
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 149.56.150.82 (crawl-149-56-150-82.dataprovider ...
show more
(mod_security) mod_security (id:210730) triggered by 149.56.150.82 (crawl-149-56-150-82.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 18:48:11.948817 2025] [security2:error] [pid 3072941:tid 3072941] [client 149.56.150.82:44019] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.brookspowell.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.brookspowell.com"] [uri "/mail to: [email protected] "] [unique_id "aDzYqx4oQw3tItLwhO1kQQAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-05-20 12:09:01
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH