๐บ๐ธ
TPI-Abuse
2026-07-12 22:28:24
(15 hours ago)
(mod_security) mod_security (id:210831) triggered by 49.64.52.210 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 49.64.52.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 18:28:19.269567 2026] [security2:error] [pid 31699:tid 31699] [client 49.64.52.210:57647] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||paulpasquali.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "paulpasquali.com"] [uri "/"] [unique_id "alQVA_JHGoJ53MgYd7C_hwAAAAY"], referer: http://paulpasquali.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 20:01:14
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 49.64.52.210 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 49.64.52.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 16:01:10.211998 2026] [security2:error] [pid 16133:tid 16133] [client 49.64.52.210:58858] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.puckerbikinis.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.puckerbikinis.com"] [uri "/"] [unique_id "aklmhtlwcsdIS2an-vOQ0QAAAA8"], referer: http://www.puckerbikinis.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 00:23:45
(1 week ago)
(mod_security) mod_security (id:210831) triggered by 49.64.52.210 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 49.64.52.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:23:39.233554 2026] [security2:error] [pid 2521:tid 2521] [client 49.64.52.210:59748] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.bpcompany.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.bpcompany.net"] [uri "/"] [unique_id "akhSi86JP-oznbsiRCnLPAAAACM"], referer: http://www.bpcompany.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ณ
Parth Maniar
2023-03-03 04:56:17
(3 years ago)
SSH login attempts (SSH bruteforce attack). For more information, or to report interesting/incorrect ...
show more
SSH login attempts (SSH bruteforce attack). For more information, or to report interesting/incorrect findings, give me a shoutout @parthmaniar on Twitter.
show less
Brute-Force
SSH
๐ฉ๐ช
ps-center
2023-02-28 14:47:48
(3 years ago)
SES-W: TCP-Scanner. Port: 23
Port Scan
๐บ๐ธ
MPL
2023-02-28 14:24:17
(3 years ago)
tcp/23
Port Scan
๐บ๐ธ
MPL
2023-02-28 09:32:16
(3 years ago)
tcp/23
Port Scan
๐ฉ๐ช
ps-center
2023-02-27 23:14:57
(3 years ago)
DIS-W: TCP-Scanner. Port: 23
Port Scan
๐ง๐พ
sashan
2023-02-27 20:24:25
(3 years ago)
Feb 27 23:24:24 debian kernel: [163340.492813] nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=49.64.52.2 ...
show more
Feb 27 23:24:24 debian kernel: [163340.492813] nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=49.64.52.210 DST=xxx.xxx.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=49 ID=46618 PROTO=TCP SPT=50370 DPT=23 WINDOW=14370 RES=0x00 SYN URGP=0
...
show less
Port Scan
๐ซ๐ท
QUADEMU Abuse Dpt
2023-02-27 17:53:50
(3 years ago)
Noxious/Nuisible/ะฒัะตะดะพะฝะพัะฝัะน Host.
Port Scan
Brute-Force
๐บ๐ธ
sumnone
2023-02-27 13:30:40
(3 years ago)
Port probing on unauthorized port 23
Port Scan
Hacking
Exploited Host
๐บ๐ธ
MPL
2023-02-27 13:29:42
(3 years ago)
tcp/23
Port Scan
๐บ๐ธ
MPL
2023-02-27 01:18:46
(3 years ago)
tcp/23
Port Scan
Anonymous
2023-02-27 01:10:30
(3 years ago)
port scan and connect, tcp 23 (telnet)
Port Scan
๐ณ๐ฑ
PvH
2023-02-27 00:05:10
(3 years ago)
Unsolicited connection attempts to port 23
Hacking