๐ซ๐ท
Catalin Negru
2026-07-06 19:04:06
(1 day ago)
Recidive ban by fail2ban on server.blackbit.ro
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 02:28:32
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.n ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 22:28:26.532398 2026] [security2:error] [pid 523:tid 523] [client 2001:41d0:801:2000::c38:54798] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||tecnoconce.cl:80|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tecnoconce.cl"] [uri "/p-php.ini"] [unique_id "aksSyjSvk8AhMh7_Js4qFQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 07:42:48
(3 days ago)
(mod_security) mod_security (id:210730) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.n ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:42:44.740644 2026] [security2:error] [pid 21458:tid 21458] [client 2001:41d0:801:2000::c38:60248] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||koswerks.net:80|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "koswerks.net"] [uri "/index.bak"] [unique_id "aki5dJo9Po4nkakxKkcyiQAAAEA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Catalin Negru
2026-07-04 06:29:01
(3 days ago)
Recidive ban by fail2ban on server.blackbit.ro
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 22:40:30
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.n ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 18:40:26.700287 2026] [security2:error] [pid 5887:tid 5887] [client 2001:41d0:801:2000::c38:43578] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "archief.org"] [uri "/bak.htaccess"] [unique_id "akWXWhtb55NauSoZyZHk8wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ฌ
HighWay
2026-06-30 23:12:20
(1 week ago)
2001:41d0:801:2000::c38 - - [30/Jun/2026:23:12:17 +0000] "GET /auto.jpg HTTP/1.1" 200 595172 "-" "Go ...
show more
2001:41d0:801:2000::c38 - - [30/Jun/2026:23:12:17 +0000] "GET /auto.jpg HTTP/1.1" 200 595172 "-" "Go-http-client/1.1"
2001:41d0:801:2000::c38 - - [30/Jun/2026:23:12:17 +0000] "GET /auto1.jpg HTTP/1.1" 200 497677 "-" "Go-http-client/1.1"
2001:41d0:801:2000::c38 - - [30/Jun/2026:23:12:18 +0000] "GET /auto2.jpg HTTP/1.1" 200 373432 "-" "Go-http-client/1.1"
2001:41d0:801:2000::c38 - - [30/Jun/2026:23:12:18 +0000] "GET /auto3.jpg HTTP/1.1" 200 574901 "-" "Go-http-client/1.1"
...
show less
IoT Targeted
Bad Web Bot
๐ซ๐ท
Catalin Negru
2026-06-29 18:56:44
(1 week ago)
Recidive ban by fail2ban on server.blackbit.ro
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 04:47:35
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.n ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:47:26.928189 2026] [security2:error] [pid 16016:tid 16016] [client 2001:41d0:801:2000::c38:43262] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.timezonespro.com.verdadesreales.com:80|F|2"] [data ".lnk"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.timezonespro.com.verdadesreales.com"] [uri "/!!!!imbnsjh5 - Acceso directo.lnk"] [unique_id "akH43gazSeCSX9SjHaf0ZgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Catalin Negru
2026-06-25 13:03:44
(1 week ago)
Recidive ban by fail2ban on server.blackbit.ro
Brute-Force
๐ซ๐ท
Catalin Negru
2026-06-17 09:37:03
(2 weeks ago)
Recidive ban by fail2ban on server.blackbit.ro
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-13 21:09:41
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.n ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 17:09:32.940449 2026] [security2:error] [pid 21646:tid 21646] [client 2001:41d0:801:2000::c38:55550] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||genesis-castle.com:443|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "genesis-castle.com"] [uri "/4D/lastupdate.log"] [unique_id "ai3HDE2x5AtrFQqkCYssewAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-05-24 02:02:08
(1 month ago)
54.379 requests in 1 hour (4d13h59m)
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-22 05:00:25
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.n ...
show more
(mod_security) mod_security (id:210492) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 01:00:19.314634 2026] [security2:error] [pid 16594:tid 16594] [client 2001:41d0:801:2000::c38:38320] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "needtoorder.us"] [uri "/USE-To-BLOCKwww.countryipblocks.net.htaccess"] [unique_id "ag_i4x9D-jnssbkSU804VQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-21 06:39:58
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.n ...
show more
(mod_security) mod_security (id:210730) triggered by 2001:41d0:801:2000::c38 (vps-bd272fa4.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 02:39:49.195445 2026] [security2:error] [pid 27960:tid 27960] [client 2001:41d0:801:2000::c38:50658] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||koswerks.net:80|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "koswerks.net"] [uri "/index.bak"] [unique_id "ag6otZu5WIB-ILGMnuoycQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
Erpelstolz
2026-05-18 13:29:18
(1 month ago)
external host: 2001:41d0:801:2000::c38 - - [18/May/2026:15:29:15 +0200] "HEAD /backup.zip HTTP/1.1" ...
show more
external host: 2001:41d0:801:2000::c38 - - [18/May/2026:15:29:15 +0200] "HEAD /backup.zip HTTP/1.1" 200 250 "-" "Go-http-client/1.1"
show less
Web App Attack