juozaspo
2025-02-08 20:40:29
(7 hours ago)
Automatic Report: Ignores robots.txt, visited bot-trap page linked through a hidden link, auto-banne ... show more Automatic Report: Ignores robots.txt, visited bot-trap page linked through a hidden link, auto-banned show less
Bad Web Bot
TPI-Abuse
2025-02-08 19:41:47
(8 hours ago)
(mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 08 14:41:40.953963 2025] [security2:error] [pid 8085:tid 8085] [client 152.89.3.32:25703] [client 152.89.3.32] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(^|;)=(;|$)" at REQUEST_HEADERS:Cookie. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "74"] [id "220020"] [rev "2"] [msg "COMODO WAF: DoS vulnerability in Apache 2.2.17 - 2.2.21 (CVE-2012-0021)||taniagedik.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "taniagedik.com"] [uri "/"] [unique_id "Z6ezdHWcNFol-3aeqjtDfAAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2025-02-07 02:05:20
(2 days ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2025-02-06 22:45:37
(2 days ago)
fail2ban apache-modsecurity web [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [uri "/"]
Web App Attack
TPI-Abuse
2025-02-06 09:17:27
(2 days ago)
(mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 06 04:17:21.528926 2025] [security2:error] [pid 1390734:tid 1390734] [client 152.89.3.32:31963] [client 152.89.3.32] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(^|;)=(;|$)" at REQUEST_HEADERS:Cookie. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "74"] [id "220020"] [rev "2"] [msg "COMODO WAF: DoS vulnerability in Apache 2.2.17 - 2.2.21 (CVE-2012-0021)||vintage-car.club|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vintage-car.club"] [uri "/"] [unique_id "Z6R-IaU6plq27PWg1_DHvAAAAE0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-02-06 07:22:19
(2 days ago)
(mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 06 02:22:14.507131 2025] [security2:error] [pid 26186:tid 26186] [client 152.89.3.32:46521] [client 152.89.3.32] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(^|;)=(;|$)" at REQUEST_HEADERS:Cookie. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "74"] [id "220020"] [rev "2"] [msg "COMODO WAF: DoS vulnerability in Apache 2.2.17 - 2.2.21 (CVE-2012-0021)||psychicangelreader.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psychicangelreader.com"] [uri "/"] [unique_id "Z6RjJpV5cd_PjttAxOvXsQAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Aetherweb Ark
2025-02-06 06:16:35
(2 days ago)
(mod_security) mod_security (id:220020) triggered by 152.89.3.32 (DE/Germany/-): N in the last X sec ... show more (mod_security) mod_security (id:220020) triggered by 152.89.3.32 (DE/Germany/-): N in the last X secs show less
Web App Attack
MAGIC
2025-02-06 04:12:23
(3 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2025-02-06 01:30:05
(3 days ago)
PSCDE WEBFORM SPAM 152.89.3.32 (152.89.3.32)
Web Spam
hermawan
2025-02-06 01:03:44
(3 days ago)
[Thu Feb 06 07:00:36.476416 2025] [security2:error] [pid 119826:tid 140370394474176] [client 152.89. ... show more [Thu Feb 06 07:00:36.476416 2025] [security2:error] [pid 119826:tid 140370394474176] [client 152.89.3.32:65283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "keep-alive" at REQUEST_HEADERS:Connection. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "241"] [id "440013"] [msg "Bot Connection Keep Alive Header"] [data "Matched Data: keep-alive found within REQUEST_HEADERS:Connection: keep-alive request_line = GET / HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/"] [unique_id "Z6P7pCo8F6lj4ry6xe6DvQAAAXM"] [staklim-malang.info] [staklim-malang.info] top=[119979] [f3CC7uVSTms] [Z6P7pCo8F6lj4ry6xe6DvQAAAXM] keep_alive=[0] [2025-02-06 07:00:36.476421] [R:Z6P7pCo8F6lj4ry6xe6DvQAAAXM] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36' Host:'staklim-malang.info' COOKIE:'ueid=' ACCEPT:'text/html,application/xhtml+xml,application/xml;q=
... show less
Hacking
Web App Attack
Anonymous
2025-02-06 00:42:02
(3 days ago)
Malicious activity detected
Hacking
Web App Attack
penjaga BRIN
2025-01-25 16:25:06
(2 weeks ago)
Apache HTTP Server mod_log_config Null Cookie Denial of Service Vulnerability(34945)
Web App Attack
TPI-Abuse
2025-01-25 04:54:08
(2 weeks ago)
(mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 24 23:54:05.741240 2025] [security2:error] [pid 27501:tid 27501] [client 152.89.3.32:54241] [client 152.89.3.32] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(^|;)=(;|$)" at REQUEST_HEADERS:Cookie. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "74"] [id "220020"] [rev "2"] [msg "COMODO WAF: DoS vulnerability in Apache 2.2.17 - 2.2.21 (CVE-2012-0021)||texasfurnitureinc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "texasfurnitureinc.com"] [uri "/"] [unique_id "Z5RubbNioRjxZQkCJfPgOwAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-25 02:40:37
(2 weeks ago)
(mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 24 21:40:34.529131 2025] [security2:error] [pid 9590:tid 9590] [client 152.89.3.32:15265] [client 152.89.3.32] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(^|;)=(;|$)" at REQUEST_HEADERS:Cookie. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "74"] [id "220020"] [rev "2"] [msg "COMODO WAF: DoS vulnerability in Apache 2.2.17 - 2.2.21 (CVE-2012-0021)||www.al-harbi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.al-harbi.com"] [uri "/m.html"] [unique_id "Z5RPIkug5J2yF0b_vsoGjgAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-24 17:39:29
(2 weeks ago)
(mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:220020) triggered by 152.89.3.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 24 12:39:24.433369 2025] [security2:error] [pid 6354:tid 6354] [client 152.89.3.32:24481] [client 152.89.3.32] ModSecurity: Access denied with code 403 (phase 1). Pattern match "(^|;)=(;|$)" at REQUEST_HEADERS:Cookie. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "220020"] [rev "2"] [msg "COMODO WAF: DoS vulnerability in Apache 2.2.17 - 2.2.21 (CVE-2012-0021)||henryweb.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "henryweb.net"] [uri "/"] [unique_id "Z5PQTAJrOlVnVcQOmep1SgAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack