|
๐ช๐ธ
10dencehispahard SL
|
|
Unauthorized login attempts [ accesslogs]
|
Brute-Force
|
|
|
๐ฉ๐ช
hbrks
|
|
HEAD http://leralmedia.com/bak/dump.sql
statusCode: 503
|
Web Spam
Hacking
Bad Web Bot
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 09 02:22:32.703263 2024] [security2:error] [pid 26819] [client 157.97.122.54:33485] [client 157.97.122.54] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||thegoldentether.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thegoldentether.com"] [uri "/bak/www.sql"] [unique_id "ZewOONLpd-zBb22m7TrSswAAAAI"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
hbrks
|
|
HEAD http://p4u.xyz/back/www.zip
statusCode: 503
|
Web Spam
Hacking
Bad Web Bot
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 07 13:39:14.781221 2024] [security2:error] [pid 6916] [client 157.97.122.54:31729] [client 157.97.122.54] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||teenybikinigirls.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "teenybikinigirls.com"] [uri "/mysql.sql"] [unique_id "ZeoJ0pjo2K_K26nwCNVY-AAAAAY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 07 13:09:25.007800 2024] [security2:error] [pid 31618] [client 157.97.122.54:42539] [client 157.97.122.54] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||fxztrader.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "fxztrader.com"] [uri "/dump.sql"] [unique_id "ZeoC1eOEF6Uq_tQKLtq6DwAAAAg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
hbrks
|
|
HEAD http://ncs.guru/bak/directory.tar.gz
statusCode: 503
|
Web Spam
Hacking
Bad Web Bot
|
|
|
๐ฉ๐ช
hbrks
|
|
HEAD http://ncs.guru/backup/bak.tar.gz
statusCode: 503
|
Web Spam
Hacking
Bad Web Bot
|
|
|
๐ฉ๐ช
hbrks
|
|
HEAD http://ncs.guru/application.zip
statusCode: 503
|
Web Spam
Hacking
Bad Web Bot
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 03 22:54:51.027636 2024] [security2:error] [pid 32362] [client 157.97.122.54:59773] [client 157.97.122.54] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "entertainmentpublicblockchain.com"] [uri "/back/.env"] [unique_id "ZeVGC31NX_ReebfcQ6IIxQAAABs"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 02 19:47:40.346514 2024] [security2:error] [pid 3214] [client 157.97.122.54:21751] [client 157.97.122.54] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oliverhardy.com"] [uri "/restore/.env"] [unique_id "ZePIrJ1zAJ-pABL7ZcQ1gAAAAAU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 28 14:23:58.721744 2024] [security2:error] [pid 23606] [client 157.97.122.54:41427] [client 157.97.122.54] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||chewlas.brandpumice.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "chewlas.brandpumice.com"] [uri "/restore/backup.sql"] [unique_id "Zd-IThQOqrMiL3jmu99oqgAAAAk"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 28 11:47:58.951725 2024] [security2:error] [pid 8816] [client 157.97.122.54:22297] [client 157.97.122.54] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bitcointoolshop.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcointoolshop.com"] [uri "/backup/backup.sql"] [unique_id "Zd9jviKUPHjLw0HUhaJApAAAAAE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 157.97.122.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 26 00:03:23.751092 2024] [security2:error] [pid 19373] [client 157.97.122.54:4521] [client 157.97.122.54] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bitcoinsubscribers.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinsubscribers.com"] [uri "/back/wallet.dat"] [unique_id "Zdwbm5ogxEmBM4HN0Yd1egAAABY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
hbrks
|
|
HEAD http://crm.marche-be.com/old/backup.sql
statusCode: 503
|
Web Spam
Hacking
Bad Web Bot
|
|