๐ฉ๐ช
ghostwarriors
2026-07-07 00:20:46
(44 minutes ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ksol-hostmaster
2026-07-07 00:15:39
(49 minutes ago)
2026/07/07 02:15:38 [error] 80620#110370: *518424 access forbidden by rule, client: 149.56.150.95, s ...
show more
2026/07/07 02:15:38 [error] 80620#110370: *518424 access forbidden by rule, client: 149.56.150.95, server: revolutionbim.com, request: "GET /.well-known/security.txt HTTP/2.0", host: "revolutionbim.com"
...
show less
Web Spam
๐ท๐บ
Andrey Ganichvili
2026-07-05 12:40:07
(1 day ago)
Unauthorized sitemap access (/sitemap.xml) from 149.56.150.95
Web App Attack
๐ฉ๐ช
filstal.org
2026-06-16 21:21:36
(2 weeks ago)
Unauthorized web crawling by known aggressive crawler or data harvesting bot detected by Fail2Ban
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-19 22:19:58
(1 month ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.95 (crawl-149-56-150-95.dataprovider ...
show more
(mod_security) mod_security (id:243420) triggered by 149.56.150.95 (crawl-149-56-150-95.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 18:19:53.995382 2026] [security2:error] [pid 2136:tid 2136] [client 149.56.150.95:54081] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.fiestadj.com.mx|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.fiestadj.com.mx"] [uri "/"] [unique_id "agziCZYJmlVt6I3R3Qyu0gAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
AvonleaConsulting
2026-05-06 13:33:43
(2 months ago)
Scanning unused Default website or suspicious access to valid sites from IP marked as abusive
Bad Web Bot
Web App Attack
๐ฉ๐ช
Skyrider
2026-04-21 06:06:47
(2 months ago)
149.56.150.95 - - [21/Apr/2026:08:06:38 +0200] "GET /faq/ HTTP/2.0" 403 12163 "-" "Mozilla/5.0 (comp ...
show more
149.56.150.95 - - [21/Apr/2026:08:06:38 +0200] "GET /faq/ HTTP/2.0" 403 12163 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.95 - - [21/Apr/2026:08:06:45 +0200] "GET /humans.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.95 - - [21/Apr/2026:08:06:45 +0200] "GET /security.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.95 - - [21/Apr/2026:08:06:46 +0200] "GET /.well-known/security.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.95 - - [21/Apr/2026:08:06:46 +0200] "GET /ads.txt HTTP/2.0" 404 113 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-10 15:56:10
(2 months ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.95 (crawl-149-56-150-95.dataprovider ...
show more
(mod_security) mod_security (id:243420) triggered by 149.56.150.95 (crawl-149-56-150-95.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 11:56:03.258280 2026] [security2:error] [pid 2088886:tid 2088886] [client 149.56.150.95:34251] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.radionicships.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.radionicships.com"] [uri "/review.shtml"] [unique_id "adkdk3RDfwTfBQqVj4pIAwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-15 15:30:00
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 149.56.150.95 (crawl-149-56-150-95.dataprovider ...
show more
(mod_security) mod_security (id:210730) triggered by 149.56.150.95 (crawl-149-56-150-95.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 15 11:29:53.657969 2026] [security2:error] [pid 19301:tid 19304] [client 149.56.150.95:35705] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||condo.management|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "condo.management"] [uri "/contact/enlan.com"] [unique_id "abbQcXHMD9JDdd8A8zA9XwAAAMA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
myguns.ch
2025-12-31 01:55:53
(6 months ago)
Searching for vulnerable scripts: /.well-known/security.txt
Hacking
Web App Attack
๐จ๐ฟ
sajmon0011
2025-12-13 08:03:13
(6 months ago)
149.56.150.95 - - [13/Dec/2025:09:03:13 +0100] "GET /robots.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 ( ...
show more
149.56.150.95 - - [13/Dec/2025:09:03:13 +0100] "GET /robots.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-18 23:43:48
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 149.56.150.95 (crawl-149-56-150-95.dataprovider ...
show more
(mod_security) mod_security (id:210730) triggered by 149.56.150.95 (crawl-149-56-150-95.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 18 18:43:41.858980 2025] [security2:error] [pid 6212:tid 6212] [client 149.56.150.95:37673] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.serviciodeimpermeabilizaciontijuana.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.serviciodeimpermeabilizaciontijuana.com"] [uri "/nosotros/facebook.com"] [unique_id "aR0ErWwl5WYDx9k_Hl1hDgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
gurnip
2025-11-08 06:31:43
(7 months ago)
Vulnerability probe of page /.well-known/security.txt, not found on server.
Brute-Force
Web App Attack
๐ฉ๐ช
Kreapptivo
2025-10-27 09:22:16
(8 months ago)
[27/Oct/2025:10:22:13 +0100] Web-Request: "GET /.well-known/security.txt", User-Agent: "Mozilla/5.0 ...
show more
[27/Oct/2025:10:22:13 +0100] Web-Request: "GET /.well-known/security.txt", User-Agent: "Mozilla/5.0 (compatible; Dataprovider.com)"
show less
Bad Web Bot
Web App Attack
๐ฎ๐น
Progetto1
2025-09-24 11:20:03
(9 months ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack