Anonymous
2024-10-31 21:53:24
(2 days ago)
Malicious activity detected
Hacking
Web App Attack
MAGIC
2024-10-29 06:00:27
(5 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
✨
2024-10-22 18:45:02
(1 week ago)
Domain : wehosting.pro
Rule : DangerQueryString
2024-10-22 18:44:22 152.53.103.155 GET / ... show more Domain : wehosting.pro
Rule : DangerQueryString
2024-10-22 18:44:22 152.53.103.155 GET /support/login goto='nvOpzp; AND 1=1 OR (<''>iKO)), 443 - 162.158.18.51 HTTP/2 - - www.wehosting.pro 200 0 0 10964 365 155 - 146.70.120.38 show less
Web App Attack
MAGIC
2024-10-20 16:10:02
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
abusiveIntelligence
2024-10-20 00:10:00
(2 weeks ago)
RDP connect attempt: Nmap Scanner
Brute-Force
Anonymous
2024-10-08 19:16:33
(3 weeks ago)
Malicious activity detected
Hacking
Web App Attack
Swiptly
2024-09-28 11:07:41
(1 month ago)
Multiple critical ModSecurity events
...
Web Spam
Bad Web Bot
Anonymous
2024-09-19 05:30:02
(1 month ago)
Malicious activity detected
Hacking
Web App Attack
Anonymous
2024-06-17 00:13:57
(4 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
Brute-Force
SSH
SSH
MAGIC
2024-04-27 11:13:16
(6 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-04-15 05:17:25
(6 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-04-07 08:56:44
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 146.70.120.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 146.70.120.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 07 04:56:37.409748 2024] [security2:error] [pid 3016] [client 146.70.120.38:32838] [client 146.70.120.38] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||nuegrapes.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nuegrapes.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZhJfxSEfZWSF9IR6ZtjSVAAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-04-07 08:21:53
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 146.70.120.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 146.70.120.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 07 04:21:47.804225 2024] [security2:error] [pid 24489] [client 146.70.120.38:48436] [client 146.70.120.38] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.bowdens-landing.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.bowdens-landing.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZhJXmyx4jsl9rYHzt9wu4AAAACM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-04-07 07:53:44
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 146.70.120.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 146.70.120.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 07 03:53:37.266274 2024] [security2:error] [pid 14367] [client 146.70.120.38:45836] [client 146.70.120.38] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||wisdomwfm.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wisdomwfm.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZhJRAZxq0b2CcT-D7DZTNAAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-04-07 07:18:04
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 146.70.120.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 146.70.120.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 07 03:17:58.853127 2024] [security2:error] [pid 5345] [client 146.70.120.38:58450] [client 146.70.120.38] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jeffautry.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jeffautry.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZhJIpk2rkfszhjRHC4_URgAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack