Anonymous
2024-12-01 01:01:43
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-16 06:18:00
(4 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-15 04:08:21
(4 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-15 01:26:18
(4 weeks ago)
wordpress-trap
Web App Attack
nyuuzyou
2024-11-10 10:40:41
(1 month ago)
Intensive scraping: /web?s=Top%20commercial%20real%20estate%20firms%20in%20California&country=or-or& ... show more Intensive scraping: /web?s=Top%20commercial%20real%20estate%20firms%20in%20California&country=or-or&scraper=mojeek. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51. show less
Bad Web Bot
Anonymous
2024-10-19 17:41:26
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MAGIC
2024-07-27 09:07:04
(4 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
xveil
2024-06-24 01:41:50
(5 months ago)
2024-06-24T08:41:45.952929 mail-honeypot postfix/submission/smtpd[3010]: warning: unknown[173.239.23 ... show more 2024-06-24T08:41:45.952929 mail-honeypot postfix/submission/smtpd[3010]: warning: unknown[173.239.236.2]: SASL LOGIN authentication failed: authentication failure
... show less
Brute-Force
TPI-Abuse
2024-05-29 23:13:58
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 173.239.236.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 173.239.236.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 29 19:13:44.410468 2024] [security2:error] [pid 1006471] [client 173.239.236.2:40061] [client 173.239.236.2] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||isandbox.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "isandbox.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zle2qBf_nsroUe3atZ3WVgAAABU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-05-25 23:40:08
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 173.239.236.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 173.239.236.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 25 19:39:49.972650 2024] [security2:error] [pid 18831] [client 173.239.236.2:3489] [client 173.239.236.2] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||davidtempleofdeliverance.org|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "davidtempleofdeliverance.org"] [uri "/site/default/settings.php.BAK"] [unique_id "ZlJ2xZQmuy2SkinaeC8S6gAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-05-23 22:38:19
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 173.239.236.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 173.239.236.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 23 18:38:05.717838 2024] [security2:error] [pid 1073:tid 47381383034624] [client 173.239.236.2:11143] [client 173.239.236.2] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||potashbarn.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "potashbarn.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zk_FTZkblmx1l0q7PILAwwAAAFQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-05-23 02:03:20
(6 months ago)
Scanning/Probing (246)
Request Overload (4092)
Brute-Force
Web App Attack
Anonymous
2024-05-19 02:13:04
(6 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
oncord
2023-09-19 07:20:53
(1 year ago)
Form spam
Web Spam
weblite
2023-03-30 03:21:03
(1 year ago)
WP_LOGIN_FAIL
Web App Attack