๐ฎ๐น
VHosting
2025-08-28 13:55:50
(10 months ago)
Detected attack by Imunify360
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-28 11:16:20
(10 months ago)
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 28 07:16:14.201314 2025] [security2:error] [pid 6852:tid 6852] [client 192.210.206.161:48920] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?:\\\\w+\\\\/[\\\\w\\\\-\\\\.]+)(?:;(?:charset=[\\\\w\\\\-]{1,18}|boundary=[\\\\w\\\\-]+)?)?$" against "REQUEST_HEADERS:Content-Type" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6743"] [id "243930"] [rev "2"] [msg "COMODO WAF: Remote code execution in Apache Struts versions 2.3.31 - 2.3.5 and 2.5 - 2.5.10 (CVE-2017-5638)||www.bgraph.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.bgraph.com"] [uri "/"] [unique_id "aLA6fse9V_vSOazbl4QkZwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-28 09:29:50
(10 months ago)
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 28 05:29:45.006572 2025] [security2:error] [pid 3634:tid 3634] [client 192.210.206.161:48166] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?:\\\\w+\\\\/[\\\\w\\\\-\\\\.]+)(?:;(?:charset=[\\\\w\\\\-]{1,18}|boundary=[\\\\w\\\\-]+)?)?$" against "REQUEST_HEADERS:Content-Type" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6752"] [id "243930"] [rev "2"] [msg "COMODO WAF: Remote code execution in Apache Struts versions 2.3.31 - 2.3.5 and 2.5 - 2.5.10 (CVE-2017-5638)||www.bcmech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.bcmech.com"] [uri "/"] [unique_id "aLAhiXOZfWDnLotIhbiICgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-28 08:54:24
(10 months ago)
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 28 04:54:16.997204 2025] [security2:error] [pid 25980:tid 25980] [client 192.210.206.161:45526] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?:\\\\w+\\\\/[\\\\w\\\\-\\\\.]+)(?:;(?:charset=[\\\\w\\\\-]{1,18}|boundary=[\\\\w\\\\-]+)?)?$" against "REQUEST_HEADERS:Content-Type" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6743"] [id "243930"] [rev "2"] [msg "COMODO WAF: Remote code execution in Apache Struts versions 2.3.31 - 2.3.5 and 2.5 - 2.5.10 (CVE-2017-5638)||www.batfry.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.batfry.com"] [uri "/"] [unique_id "aLAZODSCBUft8aHCxWK-NgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-28 07:49:25
(10 months ago)
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 28 03:49:19.331594 2025] [security2:error] [pid 29714:tid 29714] [client 192.210.206.161:51890] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?:\\\\w+\\\\/[\\\\w\\\\-\\\\.]+)(?:;(?:charset=[\\\\w\\\\-]{1,18}|boundary=[\\\\w\\\\-]+)?)?$" against "REQUEST_HEADERS:Content-Type" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6743"] [id "243930"] [rev "2"] [msg "COMODO WAF: Remote code execution in Apache Struts versions 2.3.31 - 2.3.5 and 2.5 - 2.5.10 (CVE-2017-5638)||www.a1laha.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.a1laha.com"] [uri "/"] [unique_id "aLAJ_8eFyXmJiRhODepffgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-27 19:56:16
(10 months ago)
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 27 15:56:08.764439 2025] [security2:error] [pid 1751:tid 1751] [client 192.210.206.161:35724] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?:\\\\w+\\\\/[\\\\w\\\\-\\\\.]+)(?:;(?:charset=[\\\\w\\\\-]{1,18}|boundary=[\\\\w\\\\-]+)?)?$" against "REQUEST_HEADERS:Content-Type" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6743"] [id "243930"] [rev "2"] [msg "COMODO WAF: Remote code execution in Apache Struts versions 2.3.31 - 2.3.5 and 2.5 - 2.5.10 (CVE-2017-5638)||www.arzoma.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.arzoma.com"] [uri "/"] [unique_id "aK9i2PJAaZx5vxMOA63R3gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-27 12:30:06
(10 months ago)
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 27 08:29:58.608666 2025] [security2:error] [pid 18620:tid 18620] [client 192.210.206.161:54700] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?:\\\\w+\\\\/[\\\\w\\\\-\\\\.]+)(?:;(?:charset=[\\\\w\\\\-]{1,18}|boundary=[\\\\w\\\\-]+)?)?$" against "REQUEST_HEADERS:Content-Type" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6743"] [id "243930"] [rev "2"] [msg "COMODO WAF: Remote code execution in Apache Struts versions 2.3.31 - 2.3.5 and 2.5 - 2.5.10 (CVE-2017-5638)||www.addocc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.addocc.com"] [uri "/"] [unique_id "aK76RiD1d5pcchWBLJGjjgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-08-27 01:11:00
(10 months ago)
eval-stdin.php
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-26 11:01:18
(10 months ago)
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:243930) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 26 07:01:09.026746 2025] [security2:error] [pid 86044:tid 86063] [client 192.210.206.161:39248] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?:\\\\w+\\\\/[\\\\w\\\\-\\\\.]+)(?:;(?:charset=[\\\\w\\\\-]{1,18}|boundary=[\\\\w\\\\-]+)?)?$" against "REQUEST_HEADERS:Content-Type" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6743"] [id "243930"] [rev "2"] [msg "COMODO WAF: Remote code execution in Apache Struts versions 2.3.31 - 2.3.5 and 2.5 - 2.5.10 (CVE-2017-5638)||www.wwjnd.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.wwjnd.com"] [uri "/"] [unique_id "aK2T9YDFRM4wzxMhzZffdQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
Mediashaker
2025-08-24 14:46:42
(10 months ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 192.210.206.161 (US/Unit ...
show more
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 192.210.206.161 (US/United States/-)
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2025-08-23 12:10:50
(10 months ago)
(mod_security) mod_security (id:211190) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:211190) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 23 08:10:45.326406 2025] [security2:error] [pid 13705:tid 13705] [client 192.210.206.161:36686] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.lmffl.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lmffl.com"] [uri "/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp"] [unique_id "aKmvxaVrnBbvB-CwqjsIcAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-22 17:22:12
(10 months ago)
(mod_security) mod_security (id:211190) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:211190) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 22 13:22:05.182908 2025] [security2:error] [pid 21767:tid 21767] [client 192.210.206.161:60862] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.dildog.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dildog.com"] [uri "/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp"] [unique_id "aKinPSubxglwQUwWx7je7QAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Tripwire
2025-08-13 21:14:16
(10 months ago)
Scanning for exploits - /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
Web App Attack
๐ฒ๐พ
Rizzy
2025-07-02 08:00:17
(1 year ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-02 05:48:42
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 192.210.206.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 02 01:48:32.906979 2025] [security2:error] [pid 6836:tid 6836] [client 192.210.206.161:40870] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tyllo.com"] [uri "/wp-config.php.bk"] [unique_id "aGTIMA3clVqTNXpZxtgjvQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack