niceshops.com
2024-11-30 19:05:01
(1 week ago)
Web Attack (Nov 24 20:05:00 DoS Prevention Request #100 )
SQL Injection
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-11-27 21:03:02
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-11-27 03:03:14
(1 week ago)
Excessive crawling/scraping
Hacking
Brute-Force
TPI-Abuse
2024-11-17 02:35:01
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 144.76.67.25 (static.25.67.76.144.clients.your- ... show more (mod_security) mod_security (id:210730) triggered by 144.76.67.25 (static.25.67.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 16 21:34:55.670710 2024] [security2:error] [pid 23077:tid 23077] [client 144.76.67.25:54526] [client 144.76.67.25] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.precisionk-9.com|F|2"] [data ".amcboise.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.precisionk-9.com"] [uri "/www.amcboise.com"] [unique_id "ZzlWTxQx9kxYl-623W3McQAAACA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-25 06:52:53
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 144.76.67.25 (static.25.67.76.144.clients.your- ... show more (mod_security) mod_security (id:210730) triggered by 144.76.67.25 (static.25.67.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 25 02:52:46.498661 2024] [security2:error] [pid 15428:tid 15583] [client 144.76.67.25:33310] [client 144.76.67.25] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.kerrfamilyassociation.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kerrfamilyassociation.com"] [uri "/store/[email protected] "] [unique_id "ZxtAPtGt8cyiFPbV_DotPQAAAJI"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-10-23 03:01:21
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
bigscoots.com
2024-10-22 17:16:25
(1 month ago)
(PERMBLOCK) 144.76.67.25 (DE/Germany/static.25.67.76.144.clients.your-server.de) has had more than 4 ... show more (PERMBLOCK) 144.76.67.25 (DE/Germany/static.25.67.76.144.clients.your-server.de) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: 1; Trigger: LF_PERMBLOCK_COUNT; Logs: show less
Brute-Force
SSH
TPI-Abuse
2024-10-18 18:58:10
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 144.76.67.25 (static.25.67.76.144.clients.your- ... show more (mod_security) mod_security (id:210730) triggered by 144.76.67.25 (static.25.67.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 18 14:58:04.545794 2024] [security2:error] [pid 14268:tid 14268] [client 144.76.67.25:60654] [client 144.76.67.25] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||macjr.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "macjr.com"] [uri "/archives/2007/corel.com"] [unique_id "ZxKvvKmn0MoazcOIBxg9MAAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
bigscoots.com
2024-10-18 03:44:05
(1 month ago)
(PERMBLOCK) 144.76.67.25 (DE/Germany/static.25.67.76.144.clients.your-server.de) has had more than 4 ... show more (PERMBLOCK) 144.76.67.25 (DE/Germany/static.25.67.76.144.clients.your-server.de) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: 1; Trigger: LF_PERMBLOCK_COUNT; Logs: show less
Brute-Force
SSH
Charles
2024-10-14 01:31:57
(1 month ago)
144.76.67.25 - - [14/Oct/2024:09:31:55 +0800] "GET /www.12vspotlight.com/ HTTP/1.1" 404 2276 "-" "se ... show more 144.76.67.25 - - [14/Oct/2024:09:31:55 +0800] "GET /www.12vspotlight.com/ HTTP/1.1" 404 2276 "-" "serpstatbot/2.1 (advanced backlink tracking bot; https://serpstatbot.com/; [email protected] )"
... show less
Web Spam
Email Spam
Brute-Force
Bad Web Bot
Web App Attack
SSH
TPI-Abuse
2024-10-10 11:08:41
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 144.76.67.25 (static.25.67.76.144.clients.your- ... show more (mod_security) mod_security (id:210730) triggered by 144.76.67.25 (static.25.67.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 10 07:08:38.216782 2024] [security2:error] [pid 5756:tid 5756] [client 144.76.67.25:56388] [client 144.76.67.25] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.hayrun.com|F|2"] [data ".hayrun.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.hayrun.com"] [uri "/blog/2015/03/www.hayrun.com"] [unique_id "Zwe1tvlcVwH9CK4hcyhO9wAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Rocky Mountain Bioengineering Symposium
2024-09-28 02:32:25
(2 months ago)
[Fri Sep 27 19:58:25.632527 2024] [authz_core:error] [pid 758219:tid 140366946743872] [client 144.76 ... show more [Fri Sep 27 19:58:25.632527 2024] [authz_core:error] [pid 758219:tid 140366946743872] [client 144.76.67.25:52850] AH01630: client denied by server configuration: /var/www/public_html/symposium/robots.txt
[Fri Sep 27 19:58:25.635139 2024] [authz_core:error] [pid 758219:tid 140366946743872] [client 144.76.67.25:52850] AH01630: client denied by server configuration: /var/www/public_rsrc/assets/RMBS-Server-Error.html
[Fri Sep 27 20:32:24.824015 2024] [authz_core:error] [pid 783880:tid 140368674788928] [client 144.76.67.25:33940] AH01630: client denied by server configuration: /var/www/public_html/symposium/
... show less
Bad Web Bot
MAGIC
2024-09-08 16:01:09
(3 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
xserverx.ru
2024-09-07 09:50:38
(3 months ago)
"GET /robots.txt HTTP/1.1" 403 158 "-" "serpstatbot/2.1 (advanced backlink tracking bot; https://ser ... show more "GET /robots.txt HTTP/1.1" 403 158 "-" "serpstatbot/2.1 (advanced backlink tracking bot; https://serpstatbot.com/; [email protected] )"
"GET / HTTP/1.1" 403 158 "-" "serpstatbot/2.1 (advanced backlink tracking bot; https://serpstatbot.com/; [email protected] )"
"GET / HTTP/1.1" 403 158 "-" "serpstatbot/2.1 (advanced backlink tracking bot; https://serpstatbot.com/; [email protected] )"
... show less
Web App Attack
TPI-Abuse
2024-08-28 21:14:38
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 144.76.67.25 (static.25.67.76.144.clients.your- ... show more (mod_security) mod_security (id:210730) triggered by 144.76.67.25 (static.25.67.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 17:14:30.176260 2024] [security2:error] [pid 32302:tid 32302] [client 144.76.67.25:37048] [client 144.76.67.25] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.precisionk-9.com|F|2"] [data ".amcboise.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.precisionk-9.com"] [uri "/www.amcboise.com"] [unique_id "Zs-TNiX7Jw4THPchJJk2DAAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack