๐บ๐ธ
gui-ying233
2026-07-07 00:04:32
(3 hours ago)
meta-webindexer/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
Bad Web Bot
๐ฉ๐ช
Skyrider
2026-07-06 00:21:11
(1 day ago)
Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 17:59:09
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210730) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 13:59:03.964150 2026] [security2:error] [pid 8381:tid 8381] [client 2a03:2880:f800:2e:::34496] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||3-6trucking.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "3-6trucking.com"] [uri "/3-6trucking.com"] [unique_id "akqbZycnOxdxkRQSkytsJgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
BSG Webmaster
2026-07-05 05:33:14
(1 day ago)
Hacking Attempt using path /sitemap.txt
Brute-Force
Web App Attack
๐บ๐ธ
gui-ying233
2026-07-05 00:08:18
(2 days ago)
meta-webindexer/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
Bad Web Bot
๐ฉ๐ช
LRob
2026-07-05 00:02:34
(2 days ago)
Repeated attacks detected by Fail2Ban in recidive jail
Hacking
๐ฉ๐ช
Skyrider
2026-07-04 23:18:04
(2 days ago)
Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 02:06:41
(4 days ago)
(mod_security) mod_security (id:213060) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:213060) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 22:06:36.976337 2026] [security2:error] [pid 26034:tid 26034] [client 2a03:2880:f800:2e:::52668] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)((?:\\\\bx(?:link:href|html|mlns)|!ENTITY\\\\b.{0,399}?\\\\b(?:SYSTEM|PUBLIC)|\\\\bdata:text\\\\/html))" at ARGS:_bd_prev_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "170"] [id "213060"] [rev "7"] [msg "COMODO WAF: XSS Filter - Category 3: Attribute Vector||essentialee.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "essentialee.com"] [uri "/"] [unique_id "akcZLE2MwZ0Gqajk6aG7ywAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-07-03 02:00:33
(4 days ago)
Repeated 403 errors, blocked by Fail2ban in custom-403 jail
Bad Web Bot
Anonymous
2026-07-02 22:47:46
(4 days ago)
2a03:2880:f800:2e:: - - [02/Jul/2026:02:26:16 +0200] "GET /system/html/axarquia85-8a2f9b90.jpg HTTP/ ...
show more
2a03:2880:f800:2e:: - - [02/Jul/2026:02:26:16 +0200] "GET /system/html/axarquia85-8a2f9b90.jpg HTTP/2.0" 403 345 "-" "meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)"
show less
Web Spam
Blog Spam
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 04:37:12
(4 days ago)
(mod_security) mod_security (id:949110) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:949110) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 00:37:07.423414 2026] [security2:error] [pid 10194:tid 10194] [client 2a03:2880:f800:2e:::32056] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "krupaandsons.com"] [uri "/krupaandsons.com"] [unique_id "akXq86P8cTliG0lb5WsP6QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
gui-ying233
2026-07-02 00:09:46
(5 days ago)
meta-webindexer/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-01 10:35:07
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210730) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 06:34:59.484521 2026] [security2:error] [pid 25240:tid 25240] [client 2a03:2880:f800:2e:::55210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kclawoffice.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kclawoffice.com"] [uri "/kclawoffice.com"] [unique_id "akTtU-aglKFlz374Kh4uQQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 10:09:22
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210730) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 06:09:16.416818 2026] [security2:error] [pid 7729:tid 7729] [client 2a03:2880:f800:2e:::33738] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||phtaudio.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "phtaudio.com"] [uri "/phtaudio.com"] [unique_id "akTnTBi8EQOv5PUUpZ5QMAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 07:37:06
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210730) triggered by 2a03:2880:f800:2e:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 03:37:02.024243 2026] [security2:error] [pid 8727:tid 8727] [client 2a03:2880:f800:2e:::65034] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||darkalleyproductions.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "darkalleyproductions.com"] [uri "/darkalleyproductions.com"] [unique_id "akTDnrCyQzgUzaHn_XZmpQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack