๐ฆ๐บ
oncord
2026-07-04 03:45:51
(2 hours ago)
Form spam
Web Spam
Anonymous
2026-07-02 12:01:07
(1 day ago)
2026-07-02 04:01:02,631 fail2ban.actions [3625835]: NOTICE [tor] Ban 204.8.96.165
2026-07-02 ...
show more
2026-07-02 04:01:02,631 fail2ban.actions [3625835]: NOTICE [tor] Ban 204.8.96.165
2026-07-02 07:00:29,867 fail2ban.actions [3625835]: NOTICE [tor] Ban 204.8.96.165
2026-07-02 10:00:22,992 fail2ban.actions [3625835]: NOTICE [tor] Ban 204.8.96.165
2026-07-02 13:00:15,905 fail2ban.actions [3625835]: NOTICE [tor] Ban 204.8.96.165
2026-07-02 15:00:56,552 fail2ban.actions [3625835]: NOTICE [tor] Ban 204.8.96.165
show less
Brute-Force
Anonymous
2026-02-13 14:44:08
(4 months ago)
Aggressive web scan
Web App Attack
๐บ๐ธ
gu-alvareza
2026-02-13 07:05:09
(4 months ago)
Apache.Log4j.Error.Log.Remote.Code.Execution
Hacking
Web App Attack
Anonymous
2026-02-13 06:17:06
(4 months ago)
[redacted] 204.8.96.165 - - [13/Feb/2026:07:16:59 +0100] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mo ...
show more
[redacted] 204.8.96.165 - - [13/Feb/2026:07:16:59 +0100] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 Edg/118.0.0.0"
[redacted] 204.8.96.165 - - [13/Feb/2026:07:17:01 +0100] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 Edg/118.0.0.0"
[redacted] 204.8.96.165 - - [13/Feb/2026:07:17:04 +0100] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 Edg/118.0.0.0"
[redacted] 204.8.96.165 - - [13/Feb/2026:07:17:04 +0100] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 Edg/118.0.0.0"
[redacted] 204.8.96.165 - - [13/Feb/2026:07:17:04 +0100] "POST /xmlrpc.
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-04 02:32:59
(5 months ago)
(mod_security) mod_security (id:210350) triggered by 204.8.96.165 (tor76.quintex.com): 1 in the last ...
show more
(mod_security) mod_security (id:210350) triggered by 204.8.96.165 (tor76.quintex.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 03 21:32:54.860640 2026] [security2:error] [pid 22073:tid 22073] [client 204.8.96.165:57820] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||alameeran.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "alameeran.net"] [uri "/xmlrpc.php"] [unique_id "aYKv1jDtd2pK15ibjnbOFwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
gu-alvareza
2026-02-02 07:05:09
(5 months ago)
Atlassian.Server.S.Endpoint.Information.Disclosure
Web App Attack
๐ฆ๐บ
MAGIC
2026-02-02 00:09:10
(5 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐บ๐ธ
Hmorrin
2026-02-01 09:15:48
(5 months ago)
Port Scan
๐บ๐ธ
gu-alvareza
2026-02-01 07:05:09
(5 months ago)
ThinkPHP.Controller.Parameter.Remote.Code.Execution
Hacking
Web App Attack
๐บ๐ธ
gu-alvareza
2026-01-31 07:05:15
(5 months ago)
HTTP.URI.SQL.Injection
SQL Injection
Web App Attack
๐บ๐ธ
Hmorrin
2026-01-31 04:15:49
(5 months ago)
Port Scan
๐บ๐ธ
gu-alvareza
2026-01-30 07:05:18
(5 months ago)
Nessus.Scanner
Port Scan
๐บ๐ธ
Hmorrin
2026-01-29 10:15:45
(5 months ago)
Port Scan
๐บ๐ธ
TPI-Abuse
2026-01-29 00:59:22
(5 months ago)
(mod_security) mod_security (id:210350) triggered by 204.8.96.165 (tor76.quintex.com): 1 in the last ...
show more
(mod_security) mod_security (id:210350) triggered by 204.8.96.165 (tor76.quintex.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 28 19:59:14.550717 2026] [security2:error] [pid 24100:tid 24100] [client 204.8.96.165:58556] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||digifonics.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "digifonics.com"] [uri "/"] [unique_id "aXqw4smrCFqReHu5iIKy6gAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack