๐บ๐ธ
LSPCCU
2026-06-30 04:16:27
(23 hours ago)
TSEC Honeypot Network report. Threat score: 62/100. Categories: Port Scan, Hacking, Brute-Force, Web ...
show more
TSEC Honeypot Network report. Threat score: 62/100. Categories: Port Scan, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: ssh-telnet, cowrie. Context: 23.
show less
Port Scan
Hacking
Brute-Force
Web App Attack
SSH
๐ฉ๐ช
CELOS-SOC
2026-06-24 16:31:32
(6 days ago)
Multiple Unauthorized SSLVPN Login Attempts
Hacking
Brute-Force
๐ณ๐ฑ
TCATERDSBE
2026-05-18 08:14:00
(1 month ago)
SQL Injection
SQL Injection
๐บ๐ธ
fortypoundhead
2026-05-15 07:18:31
(1 month ago)
SQL Injection Attempt
SQL Injection
Web App Attack
๐บ๐ธ
RidgeStar
2026-05-15 07:02:53
(1 month ago)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-15 06:38:17
(1 month ago)
(mod_security) mod_security (id:210580) triggered by 23.234.118.100 (static-23-234-118-100.cust.tzul ...
show more
(mod_security) mod_security (id:210580) triggered by 23.234.118.100 (static-23-234-118-100.cust.tzulo.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 02:38:12.090481 2026] [security2:error] [pid 27315:tid 27315] [client 23.234.118.100:55997] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:action. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.oualierealty.com|F|2"] [data "Matched Data: etc/passwd found within ARGS:action: ../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.oualierealty.com"] [uri "/index.php"] [unique_id "aga_VKoeyRVv4PTKYr5pOwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-05-15 06:12:23
(1 month ago)
Blocked scraper - no referer. Match of "rx (?i)(amazonbot|bingbot|googlebot|yandexbot|duckduckbot|ap ...
show more
Blocked scraper - no referer. Match of "rx (?i)(amazonbot|bingbot|googlebot|yandexbot|duckduckbot|applebot)" against "REQUEST_HEADERS:user-agent" required. (780534-133)
show less
Hacking
๐บ๐ธ
rdpguard.com
2026-05-15 06:01:52
(1 month ago)
RdpGuard detected brute-force attempt on ASP.NET Web Forms
Brute-Force
๐ฆ๐บ
2000cn.com.au
2026-05-15 05:19:13
(1 month ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-15 00:44:03
(1 month ago)
(mod_security) mod_security (id:210580) triggered by 23.234.118.100 (static-23-234-118-100.cust.tzul ...
show more
(mod_security) mod_security (id:210580) triggered by 23.234.118.100 (static-23-234-118-100.cust.tzulo.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 20:43:58.761719 2026] [security2:error] [pid 7491:tid 7491] [client 23.234.118.100:52486] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:tid. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.powerkiteforum.com|F|2"] [data "Matched Data: etc/passwd found within ARGS:tid: ../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.powerkiteforum.com"] [uri "/viewthread.php"] [unique_id "agZsTs0gf9zYl0PcPWF4wAAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
donarev419
2026-05-15 00:33:35
(1 month ago)
Connection to port 3483 with data transfer.
Data preview: BitTorrent protocol
Port Scan
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-14 23:36:52
(1 month ago)
(mod_security) mod_security (id:210580) triggered by 23.234.118.100 (static-23-234-118-100.cust.tzul ...
show more
(mod_security) mod_security (id:210580) triggered by 23.234.118.100 (static-23-234-118-100.cust.tzulo.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 19:36:43.493110 2026] [security2:error] [pid 19363:tid 19363] [client 23.234.118.100:50662] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:codigo. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.laboquimia.es|F|2"] [data "Matched Data: etc/passwd found within ARGS:codigo: ../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.laboquimia.es"] [uri "/catalogo/producto.php"] [unique_id "agZciwZyIdZvaWbuY6oWNgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Oakley
2026-05-14 22:07:35
(1 month ago)
(mod_security) mod_security (id:900210) triggered by 23.234.118.100 (US/United States/static-23-234- ...
show more
(mod_security) mod_security (id:900210) triggered by 23.234.118.100 (US/United States/static-23-234-118-100.cust.tzulo.com): 5 in the last 900 secs
show less
Web App Attack
Hacking
๐ฉ๐ช
CELOS-SOC
2026-05-14 04:32:28
(1 month ago)
Multiple Unauthorized SSLVPN Login Attempts
Hacking
Brute-Force
Anonymous
2026-05-12 09:05:47
(1 month ago)
SSL-VPN Brute-Force (10 failed logins). Targeted users: brian, serveradmin, sergio, vpnuser, rec, ex ...
show more
SSL-VPN Brute-Force (10 failed logins). Targeted users: brian, serveradmin, sergio, vpnuser, rec, exchange, sharepoint, kevin, mssql
show less
Brute-Force