Anonymous
2026-07-03 01:34:10
(4 hours ago)
Aggressive Robot or Attack DDOS
DDoS Attack
๐ต๐น
Information Security
2026-07-03 01:30:51
(4 hours ago)
Web App Attack
Web App Attack
๐ฉ๐ช
Viveronese
2026-07-03 01:30:31
(4 hours ago)
HTTP vulnerability scanning
Web App Attack
๐น๐ผ
kk_it_man
2026-07-03 01:13:02
(4 hours ago)
ET INFO Request to Hidden Environment File - Inbound
ET WEB_SERVER Script tag in URI Possible Cros ...
show more
ET INFO Request to Hidden Environment File - Inbound
ET WEB_SERVER Script tag in URI Possible Cross Site Scripting Attempt
GPL WEB_SERVER 403 Forbidden
SURICATA HTTP Request unrecognized authorization method
show less
Port Scan
๐ซ๐ท
Sklurk
2026-07-03 00:26:13
(5 hours ago)
Web App Attack
Web App Attack
Anonymous
2026-07-03 00:19:24
(5 hours ago)
SQL Injection
SQL Injection
๐บ๐ธ
tropicalidad.be
2026-07-02 23:42:49
(5 hours ago)
blog spam/exploit attempt
Blog Spam
Hacking
๐ฉ๐ช
AetherFox
2026-07-02 23:41:58
(5 hours ago)
AetherFox VoidGuard detected: [Thu Jul 02 23:41:55.717343 2026] [authz_core:error] [pid 3226034:tid ...
show more
AetherFox VoidGuard detected: [Thu Jul 02 23:41:55.717343 2026] [authz_core:error] [pid 3226034:tid 3226044] [client 74.208.5.160:53091] AH01630: client denied by server configuration: proxy:https://[MASKED]/kb/faq.php
[Thu Jul 02 23:41:57.491219 2026] [authz_core:error] [pid 3226034:tid 3226049] [client 74.208.5.160:53091] AH01630: client denied by server configuration: proxy:https://[MASKED]/api/v1/swagger.json
[Thu Jul 02 23:41:57.731922 2026] [authz_core:error] [pid 3226035:tid 3226071] [client 74.208.5.160:53591] AH01630: client denied by server configuration: proxy:https://[MASKED]/swagger/v2/swagger.json
[Thu Jul 02 23:41:57.746286 2026] [authz_core:error] [pid 3226034:tid 3226041] [client 74.208.5.160:53091] AH01630: client denied by server configuration: proxy:https://[MASKED]/docs/swagger.json
[Thu Jul 02 23:41:58.271914 2026] [authz_core:error] [pid 3226035:tid 3226088] [client 74.208.5.160:53591] AH01630: client denied by server configuration
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
Lee Daniel
2026-07-02 23:36:50
(6 hours ago)
74.208.5.160 - - [02/Jul/2026:19:36:49 -0400] "GET /openapi.json HTTP/1.1" 404 6317 "-" "Mozilla/5.0 ...
show more
74.208.5.160 - - [02/Jul/2026:19:36:49 -0400] "GET /openapi.json HTTP/1.1" 404 6317 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
74.208.5.160 - - [02/Jul/2026:19:36:49 -0400] "GET /api-docs.json HTTP/1.1" 404 6317 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
74.208.5.160 - - [02/Jul/2026:19:36:49 -0400] "GET /v3/api-docs HTTP/1.1" 404 6317 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
74.208.5.160 - - [02/Jul/2026:19:36:49 -0400] "GET /api/docs HTTP/1.1" 404 6317 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
74.208.5.160 - - [02/Jul/2026:19:36:49 -0400] "GET /api/swagger.json HTTP/1.1" 404 6317 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 22:53:13
(6 hours ago)
(mod_security) mod_security (id:212620) triggered by 74.208.5.160 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:212620) triggered by 74.208.5.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 18:53:07.654084 2026] [security2:error] [pid 4301:tid 4301] [client 74.208.5.160:62741] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||www.aupapierjaponais.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /index.php?action=1&course_cat_code=c&lang=<script>alert('xss')</script>&selected_course_cat_code=c&selected_menu=courses&title=courses"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.aupapierjaponais.com"] [uri "/index.php"] [unique_id "akbr07iHbHcN4E2cXP5cEAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 22:37:05
(7 hours ago)
(mod_security) mod_security (id:212620) triggered by 74.208.5.160 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:212620) triggered by 74.208.5.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 18:36:55.467092 2026] [security2:error] [pid 21384:tid 21384] [client 74.208.5.160:55496] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "3"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||hanabritgermanshepherds.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /index.php/index.php?itemid=116&catid=2&id=<script>alert('xss')</script>&option=com_content&view=article"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "hanabritgermanshepherds.com"] [uri "/index.php/index.php"] [unique_id "akboB2t0q6U01uTfAXPwngAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 20:32:49
(9 hours ago)
(mod_security) mod_security (id:212620) triggered by 74.208.5.160 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:212620) triggered by 74.208.5.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 16:32:44.842313 2026] [security2:error] [pid 18965:tid 18965] [client 74.208.5.160:60386] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||panierduvillage.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /index.php?article_id=1&clang=<script>alert('xss')</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "panierduvillage.com"] [uri "/index.php"] [unique_id "akbK7LMENdckno8crNxqkwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 19:50:00
(9 hours ago)
(mod_security) mod_security (id:212620) triggered by 74.208.5.160 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:212620) triggered by 74.208.5.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 15:49:55.217219 2026] [security2:error] [pid 7386:tid 7386] [client 74.208.5.160:54101] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||kingscruff.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /g12ordergen.php?fromwhat=itemdetail&fromwhere=g12generic.php&itemid=<script>alert('xss')</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "kingscruff.com"] [uri "/g12ordergen.php"] [unique_id "akbA46XiW9QQoj2I89R_DQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Sysadmin Peter
2026-07-02 18:49:47
(10 hours ago)
74.208.5.160 - - [02/Jul/2026:20:49:46 +0200] "POST /wordpress/wp-login.php?action=lostpassword HTTP ...
show more
74.208.5.160 - - [02/Jul/2026:20:49:46 +0200] "POST /wordpress/wp-login.php?action=lostpassword HTTP/2.0" 200 1546 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36"
74.208.5.160 - - [02/Jul/2026:20:49:46 +0200] "POST /wordpress/wp-login.php?action=lostpassword HTTP/2.0" 200 1546 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:148.0) Gecko/20100101 Firefox/148.0"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 15:42:16
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 74.208.5.160 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 74.208.5.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:42:11.865827 2026] [security2:error] [pid 29475:tid 29501] [client 74.208.5.160:57558] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ward-bergerhouse.org"] [uri "/.env"] [unique_id "akaG0yoNXX_RykTKPmTOJQAAARg"]
show less
Brute-Force
Bad Web Bot
Web App Attack