Anonymous
2024-12-08 15:48:35
(3 hours ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Skyrider
2024-12-04 05:43:24
(4 days ago)
149.56.150.179 - - [04/Dec/2024:06:43:16 +0100] "GET /faq/ HTTP/2.0" 403 12163 "-" "Mozilla/5.0 (com ... show more 149.56.150.179 - - [04/Dec/2024:06:43:16 +0100] "GET /faq/ HTTP/2.0" 403 12163 "-" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.179 - - [04/Dec/2024:06:43:23 +0100] "GET /security.txt HTTP/2.0" 404 114 "http://forum.esforces.com/security.txt" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.179 - - [04/Dec/2024:06:43:24 +0100] "GET /.well-known/security.txt HTTP/2.0" 404 114 "http://forum.esforces.com/.well-known/security.txt" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.179 - - [04/Dec/2024:06:43:24 +0100] "GET /humans.txt HTTP/2.0" 404 114 "http://forum.esforces.com/humans.txt" "Mozilla/5.0 (compatible; Dataprovider.com)"
149.56.150.179 - - [04/Dec/2024:06:43:24 +0100] "GET /ads.txt HTTP/2.0" 404 114 "http://forum.esforces.com/ads.txt" "Mozilla/5.0 (compatible; Dataprovider.com)" show less
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-30 02:27:50
(1 week ago)
(mod_security) mod_security (id:243420) triggered by 149.56.150.179 (crawl-149-56-150-179.dataprovid ... show more (mod_security) mod_security (id:243420) triggered by 149.56.150.179 (crawl-149-56-150-179.dataproviderbot.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 29 21:27:43.826454 2024] [security2:error] [pid 10363:tid 10363] [client 149.56.150.179:43029] [client 149.56.150.179] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "REQUEST_HEADERS:Accept-Encoding" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)||www.limpiezadevidriosyoficinas.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.limpiezadevidriosyoficinas.com"] [uri "/trabajos-de-pintura/"] [unique_id "Z0p4HwZ_cNVnKlsjGvUr4AAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-23 01:12:22
(2 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MAGIC
2024-11-02 11:04:05
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-10-30 10:12:49
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-10-09 06:54:03
(1 month ago)
Excessive crawling/scraping
Hacking
Brute-Force
Anonymous
2024-09-21 21:27:03
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-09-06 02:32:57
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
PlexLads
2024-08-28 11:19:33
(3 months ago)
149.56.150.179 - - [28/Aug/2024:04:19:30 -0700] "GET /sitemap.xml HTTP/1.1" 404 396 "-" "Mozilla/5.0 ... show more 149.56.150.179 - - [28/Aug/2024:04:19:30 -0700] "GET /sitemap.xml HTTP/1.1" 404 396 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.179 - - [28/Aug/2024:04:19:30 -0700] "GET /manual HTTP/1.1" 404 396 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.179 - - [28/Aug/2024:04:19:31 -0700] "GET /ads.txt HTTP/1.1" 404 396 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.179 - - [28/Aug/2024:04:19:31 -0700] "GET /security.txt HTTP/1.1" 404 396 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.179 - - [28/Aug/2024:04:19:31 -0700] "GET /.well-known/security.txt HTTP/1.1" 404 396 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" 149.56.150.179 - - [28/Aug/2024:04:19:31 -0700] "GET /humans.txt HTTP/1.1" 404 396 "-" "Mozilla/5.0 (compatible; Dataprovider.com)" show less
Hacking
Web App Attack
Anonymous
2024-07-09 04:35:40
(4 months ago)
Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096, ... show more Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096,3306,2195; Direction: 0; Trigger: LF_CUSTOMTRIGGER show less
Brute-Force
SSH
MAGIC
2024-07-02 16:04:14
(5 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
MAGIC
2024-06-25 23:11:16
(5 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-06-16 00:25:59
(5 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
Brute-Force
SSH
SSH
MAGIC
2024-05-11 09:02:59
(6 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot