polycoda
2025-02-03 12:17:27
(3 days ago)
📄 Probes for tons of inexistent files and/or PHP scripts
Hacking
Web App Attack
Anonymous
2025-01-31 02:58:25
(6 days ago)
<comment>
Web App Attack
backslash
2025-01-20 20:00:13
(2 weeks ago)
block ruleset AA06B7315BA6AEB6421B52F0B32E14B509FD5FF0
SQL Injection
TPI-Abuse
2025-01-20 04:08:10
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 135.181.73.252 (crawl1-077.oi.tb.007ac9.net): 1 ... show more (mod_security) mod_security (id:210730) triggered by 135.181.73.252 (crawl1-077.oi.tb.007ac9.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 19 23:08:06.693580 2025] [security2:error] [pid 5285:tid 5285] [client 135.181.73.252:50730] [client 135.181.73.252] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.barbaraehill.com|F|2"] [data ".barbaraehill.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.barbaraehill.com"] [uri "/https:/www.barbaraehill.com"] [unique_id "Z43MJgMAaEtpkgwFYOq20AAAAA4"], referer: https://www.barbaraehill.com/ show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2025-01-17 21:03:29
(2 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
cmbplf
2024-12-25 13:01:31
(1 month ago)
12.723 requests in 1 hour (3d17h59m)
Brute-Force
Bad Web Bot
Anonymous
2024-12-11 19:58:17
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
mwgbr
2024-11-18 22:58:25
(2 months ago)
135.181.73.252 (FI/Finland/crawl1-077.oi.tb.007ac9.net), more than 10 Apache 403 hits
Hacking
MAGIC
2024-11-16 11:10:36
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-11-16 09:30:49
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Roderic
2024-11-09 11:18:31
(2 months ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 135.181.73.252 (FI/F ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 135.181.73.252 (FI/Finland/crawl1-077.oi.tb.007ac9.net) show less
Bad Web Bot
MAGIC
2024-10-27 18:07:29
(3 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
noxtec GmbH
2024-10-15 09:52:20
(3 months ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 135.181.73.252 (FI/F ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 135.181.73.252 (FI/Finland/crawl1-077.oi.tb.007ac9.net) show less
Bad Web Bot
TPI-Abuse
2024-09-21 10:49:15
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 135.181.73.252 (crawl1-077.oi.tb.007ac9.net): 1 ... show more (mod_security) mod_security (id:210730) triggered by 135.181.73.252 (crawl1-077.oi.tb.007ac9.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 21 06:49:09.006445 2024] [security2:error] [pid 28482:tid 28482] [client 135.181.73.252:47330] [client 135.181.73.252] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.bodybuildbid.com|F|2"] [data ".granitestateopen.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.bodybuildbid.com"] [uri "/upcom/\\xc3\\xa9\\xc3\\xa9www.granitestateopen.com"] [unique_id "Zu6kpc1_F673_ZFa_kGbOgAAAAA"], referer: http://www.bodybuildbid.com/upcom/nga-upcoming-events.html show less
Brute-Force
Bad Web Bot
Web App Attack
Mendip_Defender
2024-08-15 00:58:57
(5 months ago)
135.181.73.252 - - [15/Aug/2024:01:59:02 +0100] "GET /robots.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 ... show more 135.181.73.252 - - [15/Aug/2024:01:59:02 +0100] "GET /robots.txt HTTP/1.1" 301 162 "-" "Mozilla/5.0 (compatible; SeekportBot; +https://bot.seekport.com)"
... show less
Bad Web Bot