Anonymous
2024-12-23 07:15:13
(1 month ago)
Unauthorized connection attempt detected in the last 24 hours
Hacking
Anonymous
2024-12-20 07:10:12
(1 month ago)
Unauthorized connection attempt detected in the last 24 hours
Hacking
Anonymous
2024-12-10 05:40:10
(1 month ago)
Unauthorized connection attempt detected in the last 24 hours
Hacking
Anonymous
2024-12-07 05:35:10
(1 month ago)
Unauthorized connection attempt detected in the last 24 hours
Hacking
TPI-Abuse
2024-12-06 01:23:12
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.c ... show more (mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 20:23:07.714650 2024] [security2:error] [pid 19578:tid 19578] [client 143.244.41.215:62190] [client 143.244.41.215] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||lawandaudit.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lawandaudit.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Z1JR-_RGjmT4e2baDEK6GwAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
polycoda
2024-12-05 22:00:53
(1 month ago)
📂 Probes for tons of inexistent directory listings
Hacking
Web App Attack
Rizzy
2024-12-05 16:18:50
(1 month ago)
Multiple WAF Violations
Brute-Force
Web App Attack
TPI-Abuse
2024-12-05 13:47:34
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.c ... show more (mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 08:47:27.945716 2024] [security2:error] [pid 1203423:tid 1203423] [client 143.244.41.215:58495] [client 143.244.41.215] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||allyne.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "allyne.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Z1Gu77IYTx_5Lvzs226rUwAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 09:33:48
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.c ... show more (mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 04:33:40.961860 2024] [security2:error] [pid 842533:tid 842533] [client 143.244.41.215:62867] [client 143.244.41.215] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||windtime.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "windtime.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Z1FzdLVvabQHG31MtzPyUAAAACA"] show less
Brute-Force
Bad Web Bot
Web App Attack
URAN Publishing Service
2024-12-05 02:29:43
(1 month ago)
143.244.41.215 - - [05/Dec/2024:04:29:38 +0200] "GET /wp-content/index.php HTTP/1.1" 404 272 "-" "Mo ... show more 143.244.41.215 - - [05/Dec/2024:04:29:38 +0200] "GET /wp-content/index.php HTTP/1.1" 404 272 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
143.244.41.215 - - [05/Dec/2024:04:29:42 +0200] "GET /wp-admin/images/index.php HTTP/1.1" 404 272 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36"
... show less
Web App Attack
TPI-Abuse
2024-12-04 22:26:11
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.c ... show more (mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 17:26:08.084233 2024] [security2:error] [pid 30517:tid 30517] [client 143.244.41.215:60900] [client 143.244.41.215] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||wandathelittlestwizard.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wandathelittlestwizard.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Z1DXAP3FynXZiP458_vgTAAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-04 21:54:03
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.c ... show more (mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 16:53:55.147715 2024] [security2:error] [pid 2677302:tid 2677302] [client 143.244.41.215:65257] [client 143.244.41.215] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||psystems.net|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "psystems.net"] [uri "/site/default/settings.php.BAK"] [unique_id "Z1DPc-YIth3TysCX4xvLcAAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-04 21:26:53
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.c ... show more (mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 16:26:47.765350 2024] [security2:error] [pid 22803:tid 22803] [client 143.244.41.215:54747] [client 143.244.41.215] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||garretthillary.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "garretthillary.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Z1DJFwEcwthYcHWc-7oADgAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
w-e-c-l-o-u-d-i-t
2024-12-04 21:00:02
(1 month ago)
SPAM - Bruteforce Attack - DDOS 3
Email Spam
Brute-Force
TPI-Abuse
2024-12-04 19:22:22
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.c ... show more (mod_security) mod_security (id:210730) triggered by 143.244.41.215 (unn-143-244-41-215.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 14:22:14.719922 2024] [security2:error] [pid 21909:tid 21909] [client 143.244.41.215:51047] [client 143.244.41.215] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||okeetokee.org|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "okeetokee.org"] [uri "/site/default/settings.php.BAK"] [unique_id "Z1Cr5t__hdGIVUwZ4uRKMAAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack