๐ณ๐ฑ
i-turnradio.nl
2025-10-21 15:33:19
(8 months ago)
2025-10-21 @ 17:33:18 (CET) ~ Blocked for trying to access: /erker/wp/wp-login.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-01 22:44:30
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 18:43:42.052753 2025] [security2:error] [pid 28088:tid 28088] [client 95.164.150.54:9403] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||automotiveforms.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "automotiveforms.net"] [uri "/backup/backup2.sql"] [unique_id "aN2unmT86gKkew1m2SpmLAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Starburst SysOp Team
2025-10-01 22:41:37
(9 months ago)
(mod_security-custom) mod_security (id:210492) triggered by 95.164.150.54 (US/United States/New York ...
show more
(mod_security-custom) mod_security (id:210492) triggered by 95.164.150.54 (US/United States/New York/New York/-/[AS394814 ISP4LIFE]): 1 in the last 3600 secs (0-srv1)
show less
Hacking
๐บ๐ธ
Penny Packer
2025-10-01 18:12:10
(9 months ago)
Fail2Ban apache-tripwires
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-01 09:44:53
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 05:44:46.780037 2025] [security2:error] [pid 11700:tid 11700] [client 95.164.150.54:22743] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||alsdepot.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "alsdepot.com"] [uri "/2025.sql"] [unique_id "aNz4Dn0-FWZSPXVsK_KPHAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-01 01:45:30
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 30 21:45:23.771625 2025] [security2:error] [pid 8906:tid 8906] [client 95.164.150.54:30755] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||fashionmenswear.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "fashionmenswear.com"] [uri "/var/export/dump.sql"] [unique_id "aNyHsyJiXkjQNq2ZnnmNqAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-09-23 01:49:29
(9 months ago)
Restricted File Access Requests
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-09-15 03:37:14
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 23:37:06.877141 2025] [security2:error] [pid 15545:tid 15545] [client 95.164.150.54:27693] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||voodooshop.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "voodooshop.com"] [uri "/wp-content/local.sql"] [unique_id "aMeJ4nGTLurnMBwYd80u4QAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-15 03:07:59
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 23:07:55.755209 2025] [security2:error] [pid 29761:tid 29761] [client 95.164.150.54:28043] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kemela.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kemela.com"] [uri "/wp-content/com.sql"] [unique_id "aMeDC15bdt3uHw4UsJg6cwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-15 01:45:30
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 21:45:26.035255 2025] [security2:error] [pid 10319:tid 10319] [client 95.164.150.54:10133] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||wcsystems.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wcsystems.net"] [uri "/mysql.sql"] [unique_id "aMdvtiPY66Ntn9Vv_JsqdgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-14 23:06:45
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 14 19:06:37.792210 2025] [security2:error] [pid 17587:tid 17587] [client 95.164.150.54:11899] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||texasfurnitureinc.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "texasfurnitureinc.com"] [uri "/backup_2.sql"] [unique_id "aMdKfWSaxcy5A8qdeNWfXgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-12 06:20:24
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 95.164.150.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 12 02:20:18.895952 2025] [security2:error] [pid 25442:tid 25442] [client 95.164.150.54:5271] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||allautousa.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "allautousa.com"] [uri "/backup/mysql.sql"] [unique_id "aMO7ooCfHRLrT-5fZHzcuQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ecosmartfire.com.au
2025-09-11 23:23:00
(9 months ago)
95.164.150.54 - - [12/Sep/2025:09:23:44 +1000] "GET /exports/magento.zip HTTP/2.0" 403 130 "-" "Mozi ...
show more
95.164.150.54 - - [12/Sep/2025:09:23:44 +1000] "GET /exports/magento.zip HTTP/2.0" 403 130 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Edg/101.0.1210.47"
show less
Hacking
Web App Attack
๐บ๐ธ
rsa
2025-09-11 17:07:00
(9 months ago)
excessive crawling
DDoS Attack
Web App Attack
๐ฉ๐ช
Admins@FBN
2024-09-18 16:40:04
(1 year ago)
VPN Logon Failed: AAA user authentication Rejected user = <info>
Brute-Force
Exploited Host