|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210381) triggered by 130.211.69.49 (49.69.211.130.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210381) triggered by 130.211.69.49 (49.69.211.130.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 11 22:11:25.123031 2024] [security2:error] [pid 13526] [client 130.211.69.49:52074] [client 130.211.69.49] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt||www.bonvivantorganics.com|F|4"] [data "REQUEST_URI=/wp/wp-content/themes/enfold/js/aviapopup/%url%"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.bonvivantorganics.com"] [uri "/wp/wp-content/themes/enfold/js/aviapopup/%url%"] [unique_id "ZkAlTTHlLd_0nOmtQawS3wAAAAE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
WebWizards.NZ
|
|
Trolling for resource vulnerabilities
|
Web App Attack
|
|
|
๐ณ๐ฑ
Harm222
|
|
phw-Joomla User : try to access forms...
|
Hacking
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 130.211.69.49 (49.69.211.130.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 130.211.69.49 (49.69.211.130.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 05 21:32:44.872408 2024] [security2:error] [pid 586] [client 130.211.69.49:48796] [client 130.211.69.49] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||deliverystations.co|F|2"] [data ".artigraphic.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "deliverystations.co"] [uri "/www.ArtiGraphic.com"] [unique_id "ZjgzPNB1cBlgqkH9K4tStAAAAA0"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210381) triggered by 130.211.69.49 (49.69.211.130.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210381) triggered by 130.211.69.49 (49.69.211.130.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 05 14:11:34.295840 2024] [security2:error] [pid 24063] [client 130.211.69.49:41504] [client 130.211.69.49] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt||stacyfarm.com|F|4"] [data "REQUEST_URI=/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/%url%"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "stacyfarm.com"] [uri "/wp-content/plugins/easy-facebook-likebox/facebook/frontend/assets/js/%url%"] [unique_id "ZjfL1o3y48Q_GFI1GyVe6QAAAAc"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฆ๐บ
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
|
๐ฉ๐ช
FeG Deutschland
|
|
Looking for CMS/PHP/SQL vulnerablilities - 13
|
Exploited Host
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 130.211.69.49 (49.69.211.130.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 130.211.69.49 (49.69.211.130.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 29 20:17:16.724893 2024] [security2:error] [pid 28889] [client 130.211.69.49:46190] [client 130.211.69.49] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.dronesofmontana.com|F|2"] [data ".dronesofmontana.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.dronesofmontana.com"] [uri "/register/www.dronesofmontana.com"] [unique_id "ZjA4jKJ3-QPNPMPJ8Y3b2gAAAAQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
HERA - Operations
|
|
bau-arge - searching for vulnerable scripts: magento_version 2024/04/29 07:52:28
|
Web App Attack
|
|
|
Anonymous
|
|
Bot / seems abusive / Apache connections: 57
|
DDoS Attack
Web Spam
Bad Web Bot
Web App Attack
|
|
|
๐ฆ๐บ
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
|
Anonymous
|
|
Excessive crawling/scraping. Vulnerable file probing.
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฆ๐บ
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 130.211.69.49 (49.69.211.130.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210730) triggered by 130.211.69.49 (49.69.211.130.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 21 20:32:34.675892 2024] [security2:error] [pid 13568] [client 130.211.69.49:44360] [client 130.211.69.49] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.unigroupeu.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.unigroupeu.com"] [uri "/mailto:[email protected]"] [unique_id "ZiWwIvOPx-vpW-S5bgb96QAAACA"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210381) triggered by 130.211.69.49 (49.69.211.130.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210381) triggered by 130.211.69.49 (49.69.211.130.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 21 03:20:40.308253 2024] [security2:error] [pid 26367] [client 130.211.69.49:46390] [client 130.211.69.49] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt||grabagame.com|F|4"] [data "REQUEST_URI=/wp-content/themes/Divi/js/%url%"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "grabagame.com"] [uri "/wp-content/themes/Divi/js/%url%"] [unique_id "ZiS-SON487PYloONERJt0QAAAB8"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|