Anonymous
2024-09-08 06:53:16
(1 month ago)
2024-09-08 06:53:16 warning: host unknown[124.226.222.66]: unauthorized access attempted: tcp/80
Port Scan
Brute-Force
TPI-Abuse
2024-09-06 04:59:31
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 00:59:23.132167 2024] [security2:error] [pid 20896:tid 20896] [client 124.226.222.66:39646] [client 124.226.222.66] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.kandocopies.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.kandocopies.com"] [uri "/"] [unique_id "ZtqMK2VIohXV_QtTtGwnCAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-06 04:25:07
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 00:24:58.538004 2024] [security2:error] [pid 8985:tid 8985] [client 124.226.222.66:44624] [client 124.226.222.66] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.chicagowca.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.chicagowca.com"] [uri "/"] [unique_id "ZtqEGpupu4_kqs6kmYV2zAAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-04 23:36:13
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 04 19:36:03.780544 2024] [security2:error] [pid 11232:tid 11232] [client 124.226.222.66:60152] [client 124.226.222.66] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||192.64.150.55|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "192.64.150.55"] [uri "/"] [unique_id "Ztju4_p7NvR_rMzQf-LATAAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Security_Whaller
2024-09-02 07:49:45
(1 month ago)
Malicious activity detected on Honeypot.
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-08-30 15:27:53
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 30 11:27:40.036791 2024] [security2:error] [pid 23619:tid 23619] [client 124.226.222.66:54851] [client 124.226.222.66] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.trafficschoolonline365.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.trafficschoolonline365.com"] [uri "/"] [unique_id "ZtHk7Prq2HbzEcHMfedugAAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-08-29 17:02:28
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Rizzy
2024-08-29 16:08:51
(1 month ago)
Multiple WAF Violations
Brute-Force
Web App Attack
Evag Touf
2024-08-28 21:10:14
(1 month ago)
(mod_security) mod_security triggered on hostname [redacted] 124.226.222.66 (CN/China/-): (CF_ENABL ... show more (mod_security) mod_security triggered on hostname [redacted] 124.226.222.66 (CN/China/-): (CF_ENABLE) show less
SQL Injection
BSG Webmaster
2024-08-27 07:35:13
(1 month ago)
Port scanning (Port 80)
Port Scan
Hacking
Anonymous
2024-08-27 05:08:42
(1 month ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
TPI-Abuse
2024-08-26 21:04:33
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 17:04:23.359206 2024] [security2:error] [pid 1489:tid 1489] [client 124.226.222.66:49103] [client 124.226.222.66] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.pattymoorearmstrong.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.pattymoorearmstrong.com"] [uri "/"] [unique_id "Zszt12xCCpGnVb1IBMQkXwAAAAc"], referer: http://p2moore.com show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-26 18:17:33
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 14:17:20.280852 2024] [security2:error] [pid 19231:tid 19236] [client 124.226.222.66:48567] [client 124.226.222.66] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||bullfrogsmusic.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bullfrogsmusic.com"] [uri "/"] [unique_id "ZszGsDvNdDzZj8o5eao5VwAAAUI"] show less
Brute-Force
Bad Web Bot
Web App Attack
hbrks
2024-08-26 15:15:55
(1 month ago)
UKN method, https://api.dev.marche-be.com/
Web Spam
Hacking
Bad Web Bot
TPI-Abuse
2024-08-22 18:47:22
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 124.226.222.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 14:47:13.307127 2024] [security2:error] [pid 28804:tid 28804] [client 124.226.222.66:55017] [client 124.226.222.66] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||halvaughan.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "halvaughan.com"] [uri "/"] [unique_id "ZseHsWdt3snoiH2hbEmc3gAAABU"] show less
Brute-Force
Bad Web Bot
Web App Attack