๐ฉ๐ช
Didier Lagaert
2025-12-24 16:15:25
(6 months ago)
lie-Joomla Authentification : try to force the door...
Hacking
๐ซ๐ท
conseilgouz
2025-12-24 15:28:19
(6 months ago)
fme-Joomla Authentification : try to force the door...
Hacking
Anonymous
2025-12-24 15:25:53
(6 months ago)
fee-Joomla Authentification : try to force the door...
Hacking
๐ฉ๐ช
marzzzello
2025-12-15 00:36:28
(6 months ago)
Ports: 33x 60523
Port Scan
๐ซ๐ท
Thaliruth
2025-12-13 02:03:21
(6 months ago)
169.150.228.15 - - [13/Dec/2025:03:03:20 +0100] "GET /administrator/index.php HTTP/1.1" 200 14560 "h ...
show more
169.150.228.15 - - [13/Dec/2025:03:03:20 +0100] "GET /administrator/index.php HTTP/1.1" 200 14560 "https://reiter-von-rohan.com/administrator/index.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3198.0 Safari/537.36 OPR/49.0.2711.0"
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
Didier Lagaert
2025-12-13 01:24:56
(6 months ago)
lie-Joomla Authentification : try to force the door...
Hacking
๐ซ๐ท
conseilgouz
2025-12-13 00:46:08
(6 months ago)
fme-Joomla Authentification : try to force the door...
Hacking
Anonymous
2025-12-13 00:43:28
(6 months ago)
fee-Joomla Authentification : try to force the door...
Hacking
๐บ๐ธ
TPI-Abuse
2025-12-04 09:17:03
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 169.150.228.15 (unn-169-150-228-15.datapacket.c ...
show more
(mod_security) mod_security (id:210730) triggered by 169.150.228.15 (unn-169-150-228-15.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 04:16:59.859217 2025] [security2:error] [pid 11179:tid 11179] [client 169.150.228.15:41811] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||arsndetx.com|F|2"] [data ".arsndetx.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "arsndetx.com"] [uri "/HTTPS:/WWW.ARSNDETX.COM"] [unique_id "aTFRi54K6lyauT7PyBblGQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-09-09 00:00:55
(9 months ago)
Aggressive web scan
SQL Injection
Bad Web Bot
Web App Attack
๐ฉ๐ช
KI-Netzwerk
2025-07-17 04:28:07
(11 months ago)
Bad Calls: Webpage scraping, Web App Attack
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2025-06-12 02:12:43
(1 year ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-02-09 06:43:04
(1 year ago)
(mod_security) mod_security (id:221260) triggered by 169.150.228.15 (unn-169-150-228-15.datapacket.c ...
show more
(mod_security) mod_security (id:221260) triggered by 169.150.228.15 (unn-169-150-228-15.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 09 01:42:59.255315 2025] [security2:error] [pid 17590:tid 17590] [client 169.150.228.15:39640] [client 169.150.228.15] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||cpanel.acraloc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.acraloc.com"] [uri "/"] [unique_id "Z6hOc07dj1CO_I0hkL-7RAAAAAI"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-02-09 01:52:37
(1 year ago)
$f2bV_matches
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-02-08 23:19:54
(1 year ago)
(mod_security) mod_security (id:221260) triggered by 169.150.228.15 (unn-169-150-228-15.datapacket.c ...
show more
(mod_security) mod_security (id:221260) triggered by 169.150.228.15 (unn-169-150-228-15.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 08 18:19:35.349010 2025] [security2:error] [pid 1899946:tid 1899946] [client 169.150.228.15:42140] [client 169.150.228.15] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||webmail.adultandchild.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.adultandchild.org"] [uri "/cgi-bin/status"] [unique_id "Z6fmh6dKGIwRO-xlxfr0CQAAAAU"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack