๐ฌ๐ง
rakkor
2024-02-18 21:34:41
(2 years ago)
2024-02-18T21:34:40+00:00 NAS [Sun Feb 18 21:34:40.559999 2024] [proxy_fcgi:error] [pid 21270:tid 14 ...
show more
2024-02-18T21:34:40+00:00 NAS [Sun Feb 18 21:34:40.559999 2024] [proxy_fcgi:error] [pid 21270:tid 140478582355648] [client 176.31.68.205:33726] AH01071: Got error 'Primary script unknown', referer: rakkor.uk
...
show less
Hacking
Brute-Force
๐ฉ๐ช
Hazzard
2024-02-18 20:41:28
(2 years ago)
176.31.68.205 (FR/France/รle-de-France/Paris/www.gespol.org/[redacted]), more than 3 Apache 403 hits
Hacking
๐ฎ๐ช
Jim Keir
2024-02-17 23:12:03
(2 years ago)
2024-02-17 23:12:02 176.31.68.205 File scanning, blocking 176.31.68.205 for 5 minutes
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-17 09:04:36
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 17 04:04:31.235353 2024] [security2:error] [pid 9568] [client 176.31.68.205:40902] [client 176.31.68.205] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||hydrometal-js.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "hydrometal-js.com"] [uri "/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "ZdB2n0uuJIpOEgIy-LyEkwAAAA8"], referer: hydrometal-js.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-17 08:44:39
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 17 03:44:32.445266 2024] [security2:error] [pid 30873] [client 176.31.68.205:48766] [client 176.31.68.205] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||attheendtime.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "attheendtime.com"] [uri "/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "ZdBx8EDsTiTdKfmRn_iBawAAAAY"], referer: attheendtime.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
eminovic.ba
2024-02-17 08:38:41
(2 years ago)
BRUTE FORCE: Excessive 404 hits
...
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-17 05:26:23
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 17 00:26:17.422936 2024] [security2:error] [pid 4357] [client 176.31.68.205:60532] [client 176.31.68.205] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||stephaniekrouse.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "stephaniekrouse.com"] [uri "/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "ZdBDeT13vl8GKMWAAQueyQAAABE"], referer: stephaniekrouse.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-17 01:54:35
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 16 20:54:31.508908 2024] [security2:error] [pid 11379] [client 176.31.68.205:43572] [client 176.31.68.205] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||showmestategolf.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "showmestategolf.com"] [uri "/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "ZdAR1zQttJvYypmcLK3qgwAAAAA"], referer: showmestategolf.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-02-17 01:24:22
(2 years ago)
Fail2Ban - Wordpress brute-force attack
...
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-16 23:10:59
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 16 18:10:52.036085 2024] [security2:error] [pid 29992] [client 176.31.68.205:51656] [client 176.31.68.205] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||taekwondoit.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "taekwondoit.com"] [uri "/wp2/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "Zc_rfEf03fJ3qtSqBD0hqAAAAA4"], referer: taekwondoit.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-16 22:50:39
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 16 17:50:33.258357 2024] [security2:error] [pid 1393] [client 176.31.68.205:50520] [client 176.31.68.205] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||univey.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "univey.com"] [uri "/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "Zc_muXh0iswCwXvZ_ySiTQAAAAg"], referer: univey.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2024-02-16 21:10:03
(2 years ago)
Probing for Wordpress vulnerabilities
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-16 16:20:40
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210730) triggered by 176.31.68.205 (www.gespol.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 16 11:20:33.572116 2024] [security2:error] [pid 11611] [client 176.31.68.205:44144] [client 176.31.68.205] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||sirio-b.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sirio-b.com"] [uri "/wp-content/plugins/wordfence/vendor/wordfence/wf-waf/src/rules.key"] [unique_id "Zc-LUUrafNpgE8q7xIPu0gAAAAg"], referer: sirio-b.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2024-02-16 07:21:30
(2 years ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฉ๐ช
Hazzard
2024-02-13 20:08:03
(2 years ago)
176.31.68.205 (FR/France/รle-de-France/Paris/www.gespol.org/[redacted]), more than 3 Apache 403 hits
Hacking