Anonymous
2025-07-15 10:47:45
(11 months ago)
ModSecurity IDs: 920440,949110,980130; manually confirmed
Brute-Force
๐ธ๐ช
SkyDancer
2025-07-10 18:34:03
(11 months ago)
Multiple login attempts via RDP and/or SSH using wrong credentials. Attack automatically blocked by ...
show more
Multiple login attempts via RDP and/or SSH using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-5
show less
Hacking
Brute-Force
SSH
๐ฎ๐น
Progetto1
2025-07-10 15:29:02
(11 months ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
ipblock.com
2025-07-10 12:50:00
(11 months ago)
IPBlock protected site ID [669-fx].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐ฆ๐บ
Block Rockin' Beats
2025-07-10 12:31:05
(11 months ago)
Scanning for exploitable scripts
Hacking
Web App Attack
๐บ๐ธ
kosada.com
2025-07-10 12:17:06
(11 months ago)
Web vulnerability probing
Web App Attack
๐ฉ๐ช
conseilgouz
2025-07-10 11:29:55
(11 months ago)
ece-Security key failure
Hacking
๐บ๐ธ
TPI-Abuse
2025-07-10 09:31:34
(11 months ago)
(mod_security) mod_security (id:210730) triggered by 87.120.126.166 (s154626.love-is.nexus): 1 in th ...
show more
(mod_security) mod_security (id:210730) triggered by 87.120.126.166 (s154626.love-is.nexus): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 10 05:31:26.073087 2025] [security2:error] [pid 27417:tid 27417] [client 87.120.126.166:48820] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||danged.com|F|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "danged.com"] [uri "/elmah.axd"] [unique_id "aG-IbuTEMicZJltklpm-tQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-07-10 08:59:02
(11 months ago)
Malicious activity detected
Hacking
Web App Attack
๐ฉ๐ช
conseilgouz
2025-07-10 08:34:15
(11 months ago)
coe-22 : 8G : REQUEST_URI error=>/elmah.axd
Hacking
๐ฉ๐ช
Carsten
2025-07-10 07:49:43
(11 months ago)
GET [elmah.axd]
Port Scan
๐ฎ๐ฉ
Burayot
2025-07-10 06:12:10
(11 months ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 87.120.126.166 (DE/Germany/s154626.l ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 87.120.126.166 (DE/Germany/s154626.love-is.nexus): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-10 05:17:27
(11 months ago)
(mod_security) mod_security (id:210730) triggered by 87.120.126.166 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 87.120.126.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 10 01:17:21.363610 2025] [security2:error] [pid 17713:tid 17713] [client 87.120.126.166:43674] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bladesoflegend.com|F|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bladesoflegend.com"] [uri "/elmah.axd"] [unique_id "aG9M4WrI7rJ0Ni_NFNF4kwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-10 05:00:31
(11 months ago)
(mod_security) mod_security (id:210730) triggered by 87.120.126.166 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 87.120.126.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 10 01:00:26.429246 2025] [security2:error] [pid 29844:tid 29844] [client 87.120.126.166:13410] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bigheartskitchen.com|F|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bigheartskitchen.com"] [uri "/elmah.axd"] [unique_id "aG9I6hp0VJ2cnbB3xMaOZAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-10 04:22:58
(11 months ago)
(mod_security) mod_security (id:210730) triggered by 87.120.126.166 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 87.120.126.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 10 00:22:54.951850 2025] [security2:error] [pid 8005:tid 8005] [client 87.120.126.166:40158] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||basselier.com|F|2"] [data ".axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "basselier.com"] [uri "/elmah.axd"] [unique_id "aG9AHoKsRJZYhEhlz7CycQAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack