๐ฉ๐ช
EnthecSolutions
2026-07-13 22:02:32
(16 hours ago)
Detected by Enthec Solutions. | Attempts: 282 in 24h | Target port: N/A
Brute-Force
Hacking
๐ฉ๐ช
CELOS-SOC
2026-07-13 00:30:49
(1 day ago)
Multiple Unauthorized SSLVPN Login Attempts
Hacking
Brute-Force
๐ฉ๐ช
EnthecSolutions
2026-07-12 22:01:31
(1 day ago)
Detected by Enthec Solutions. | Attempts: 60 in 24h | Target port: N/A
Brute-Force
Hacking
๐จ๐ณ
pengpeng
2026-07-02 19:18:51
(1 week ago)
monitor: on VM-0-7-ubuntu | port: 50638 | ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ...
show more
monitor: on VM-0-7-ubuntu | port: 50638 | ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Anonymous
2026-06-20 00:16:20
(3 weeks ago)
Web attack
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 21:34:51
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:34:43.715295 2026] [security2:error] [pid 31159:tid 31159] [client 151.240.62.57:44131] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.paintedoverwhite.com|F|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.paintedoverwhite.com"] [uri "/"] [unique_id "aiXj87ZxLK_3sqNr2Ci4rwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Celtic
2026-06-07 02:01:44
(1 month ago)
Blocked by Fail2Ban with Jail (plesk-modsecurity)
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-06-07 00:54:44
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 20:54:36.486013 2026] [security2:error] [pid 18185:tid 18185] [client 151.240.62.57:23635] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.3905ccn.org|F|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.3905ccn.org"] [uri "/"] [unique_id "aiTBTH0yiPVxtNP2FQPgTQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-06-06 10:25:04
(1 month ago)
COMODO WAF: Rogue web site crawler. Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblo ...
show more
COMODO WAF: Rogue web site crawler. Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( (210831-178)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-06 06:30:50
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 02:30:43.430955 2026] [security2:error] [pid 14144:tid 14144] [client 151.240.62.57:27237] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.seishin-kan.org|F|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.seishin-kan.org"] [uri "/"] [unique_id "aiO-kwh98LSWSeSU9cHrJAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 03:13:33
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 23:13:28.813808 2026] [security2:error] [pid 26473:tid 26473] [client 151.240.62.57:27971] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.ellesorority.com|F|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.ellesorority.com"] [uri "/abbey-fine-art-wall-decor"] [unique_id "aiOQWB7QS8eCjWNge6_qUAAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-05 13:39:51
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 09:39:48.712108 2026] [security2:error] [pid 21077:tid 21077] [client 151.240.62.57:36475] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.frankweyer.com|F|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.frankweyer.com"] [uri "/robots.txt"] [unique_id "aiLRpE8AL4uQ1QgxJg--QQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-06-04 21:20:29
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 19:20:23
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 15:20:19.778353 2026] [security2:error] [pid 18938:tid 18938] [client 151.240.62.57:22721] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.batesstrategygroup.com|F|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.batesstrategygroup.com"] [uri "/robots.txt"] [unique_id "aiB-c8ZquHJsqGYQrXMXWgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-03 18:55:20
(1 month ago)
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 151.240.62.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 14:55:13.497835 2026] [security2:error] [pid 6798:tid 6798] [client 151.240.62.57:28257] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.ibiocat.com|F|4"] [data "panscient.com"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.ibiocat.com"] [uri "/"] [unique_id "aiB4kekWAlUSWIb353OKoAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack