๐ฉ๐ช
kommunos
2026-07-11 09:24:32
(1 week ago)
/000.php
Web App Attack
๐บ๐ธ
kosada.com
2026-05-05 16:51:59
(2 months ago)
Web vulnerability probing: /wp-includes/sitemaps/wp-conflg.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-24 17:07:36
(2 months ago)
(mod_security) mod_security (id:240000) triggered by 185.198.243.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240000) triggered by 185.198.243.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 24 13:07:28.866405 2026] [security2:error] [pid 626009:tid 626009] [client 185.198.243.194:64045] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||billswilliams.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "billswilliams.com"] [uri "/images/stories/themes.php"] [unique_id "aeujUMnHaoZAHjgyq_aRGAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Octopuce
2026-04-16 17:15:58
(3 months ago)
Aggressive web search of vulnerable pages: /.well-known/dropdown.php /wp-includes/js/index.php /wp-a ...
show more
Aggressive web search of vulnerable pages: /.well-known/dropdown.php /wp-includes/js/index.php /wp-admin/maint/about.php /wp-admin/maint/index. ...
show less
Web App Attack
๐ณ๐ฑ
maxxsense
2026-04-09 15:44:24
(3 months ago)
185.198.243.194 (GB/United Kingdom/-), 12 distributed imapd attacks on account [redacted]
Brute-Force
๐บ๐ธ
mnsf
2026-03-03 22:05:42
(4 months ago)
Request Overload (138)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-12 18:49:48
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 185.198.243.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 185.198.243.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 13:49:43.756310 2026] [security2:error] [pid 31467:tid 31467] [client 185.198.243.194:43209] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||doubloonswap.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "doubloonswap.com"] [uri "/bak/backup.sql"] [unique_id "aY4gxyT-69i40eAMSgpicQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-25 21:46:57
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 185.198.243.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 185.198.243.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 16:46:52.902916 2026] [security2:error] [pid 25673:tid 25681] [client 185.198.243.194:20585] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||siestakeybch.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "siestakeybch.com"] [uri "/old/sql.sql"] [unique_id "aXaPTNg4Qe_wowBPfM7WPwAAAQI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-01-09 11:42:23
(6 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-05 15:06:08
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 185.198.243.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 185.198.243.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 05 10:06:03.832526 2026] [security2:error] [pid 454960:tid 454980] [client 185.198.243.194:46311] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ethniclivesmatter.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ethniclivesmatter.com"] [uri "/bak/dump.sql"] [unique_id "aVvTW8Rc4DoJarCfp2PaDQAAARE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-15 11:08:03
(8 months ago)
(mod_security) mod_security (id:210492) triggered by 185.198.243.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 185.198.243.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 06:07:57.290024 2025] [security2:error] [pid 8442:tid 8442] [client 185.198.243.194:39329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "doubloonswap.com"] [uri "/backups/sftp-config.json"] [unique_id "aRhfDff4fVDWILygdc_1egAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Penny Packer
2025-11-15 04:54:08
(8 months ago)
Fail2Ban apache-tripwires
Web App Attack
๐ฉ๐ช
ps-center
2025-11-10 11:33:10
(8 months ago)
MYH: Web Attack GET //administrator/templates/isis/index.php
Web Spam
Hacking
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2025-11-10 11:05:07
(8 months ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ฌ๐ง
Swiptly
2025-11-10 08:25:00
(8 months ago)
Excessive 403/404/405 PHP/CMS errors from scanning or broken bots
...
Web App Attack