๐ฌ๐ง
openstrike.co.uk
2025-11-13 06:13:44
(7 months ago)
797 attacks on PHP URLs, env grabbing URLs, site downloads, site downloads (type 2):
GET /phpMyAdmin ...
show more
797 attacks on PHP URLs, env grabbing URLs, site downloads, site downloads (type 2):
GET /phpMyAdmin-5.1.0-all-languages HTTP/1.1
GET /.env HTTP/1.1
GET /new_website.tar HTTP/1.1
GET /backup HTTP/1.1
show less
Hacking
Web App Attack
๐ช๐ธ
robotstxt
2025-11-12 05:42:13
(7 months ago)
159.223.232.230 - - [12/Nov/2025:04:49:48 +0000] "GET /cgi-bin.tar HTTP/1.1" 404 31 "https://seguros ...
show more
159.223.232.230 - - [12/Nov/2025:04:49:48 +0000] "GET /cgi-bin.tar HTTP/1.1" 404 31 "https://segurosaegon.com/cgi-bin.tar" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.201 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
159.223.232.230 - - [12/Nov/2025:04:54:57 +0000] "GET /cgi-bin.gz HTTP/1.1" 404 31 "https://segurosaegon.com/cgi-bin.gz" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.201 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
159.223.232.230 - - [12/Nov/2025:05:07:41 +0000] "GET /cgi-bin.rar HTTP/1.1" 404 31 "https://segurosaegon.com/cgi-bin.rar" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.201 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
159.223.232.230 - - [12/
...
show less
Bad Web Bot
๐จ๐ญ
zynex
2025-11-12 03:01:06
(7 months ago)
URL Probing: /adminer-5.2.1-mysql.php
Web App Attack
๐บ๐ธ
myagent.site
2025-11-11 22:15:34
(7 months ago)
Blocking for trying to access an exploit file: /ADMINER.php
Hacking
๐บ๐ธ
TPI-Abuse
2025-11-11 14:54:23
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 159.223.232.230 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 159.223.232.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 09:54:16.367852 2025] [security2:error] [pid 22022:tid 22022] [client 159.223.232.230:59974] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||robinnixon.org|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "robinnixon.org"] [uri "/html.bak"] [unique_id "aRNOGHUczsrYa_yIRUDg6wAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-10 16:10:27
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 159.223.232.230 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 159.223.232.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 11:10:23.478428 2025] [security2:error] [pid 15412:tid 15412] [client 159.223.232.230:60756] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||megastorebuilders.info|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "megastorebuilders.info"] [uri "/2024.bak"] [unique_id "aRIOb6eNFkxXlmsGAlOXmQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
zynex
2025-11-08 06:37:13
(8 months ago)
URL Probing: /adminer-4.8.1-mysql-en.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-07 13:33:29
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 159.223.232.230 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 159.223.232.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 08:33:23.850237 2025] [security2:error] [pid 29643:tid 29729] [client 159.223.232.230:44682] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||rosendalsateri.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rosendalsateri.com"] [uri "/0.bak"] [unique_id "aQ31I3Hxt8e5sAPO0UiPhQAAAME"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-07 05:24:36
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 159.223.232.230 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 159.223.232.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 00:24:32.903248 2025] [security2:error] [pid 24437:tid 24437] [client 159.223.232.230:43522] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||frenchla.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "frenchla.com"] [uri "/site.bak"] [unique_id "aQ2CkO0XuLjHt1nWwhmXwwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2025-11-03 13:13:18
(8 months ago)
(db_admin_scan) srv103 DB admin scan 159.223.232.230 (NL/The Netherlands/-): 1 in the last 3600 secs ...
show more
(db_admin_scan) srv103 DB admin scan 159.223.232.230 (NL/The Netherlands/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ช๐ธ
masterguru
2025-11-01 21:33:06
(8 months ago)
COMODO WAF: URL file extension is restricted by policy. Match of "pmFromFile userdata_wl_extensions" ...
show more
COMODO WAF: URL file extension is restricted by policy. Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. (210730-122)
show less
Hacking
๐ง๐ช
taivas.nl
2025-10-31 06:02:11
(8 months ago)
Bad_requests
Bad Web Bot
๐ฉ๐ช
mxinfra
2024-12-03 01:32:18
(1 year ago)
Blocked by Fail2Ban (plesk-modsecurity)
Hacking
Brute-Force
Web App Attack
๐ฉ๐ช
mxinfra
2024-12-03 00:00:17
(1 year ago)
Blocked by Fail2Ban (plesk-wordpress)
Hacking
Brute-Force
Web App Attack
๐น๐ท
rtbh.com.tr
2024-11-25 20:53:04
(1 year ago)
list.rtbh.com.tr report: tcp/0
Brute-Force