sms.ru
2024-12-10 14:38:14
(1 hour ago)
/wp-admin/network/wp-login.php
Web App Attack
sms.ru
2024-12-07 22:28:07
(2 days ago)
/wp-admin/css/OK.php
Web App Attack
mnsf
2024-12-06 17:04:22
(3 days ago)
Too many Status 40X (17)
Brute-Force
Web App Attack
Burayot
2024-11-30 02:08:22
(1 week ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 185.192.16.38 (IE/Ireland/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 185.192.16.38 (IE/Ireland/-): 1 in the last 3600 secs show less
Web App Attack
TPI-Abuse
2024-11-27 11:54:25
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 27 06:54:19.626691 2024] [security2:error] [pid 20464:tid 20464] [client 185.192.16.38:54303] [client 185.192.16.38] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||cvgandhes.investments|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cvgandhes.investments"] [uri "/backups/dump.sql"] [unique_id "Z0cIazVcyWI7_H84bPk4iAAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-11-21 07:17:19
(2 weeks ago)
Form spam
Web Spam
nyuuzyou
2024-11-14 20:19:34
(3 weeks ago)
Intensive scraping: /web?s=Industrial%20real%20estate%20California&country=id-id&scraper=marginalia. ... show more Intensive scraping: /web?s=Industrial%20real%20estate%20California&country=id-id&scraper=marginalia. User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36. show less
Bad Web Bot
unifr
2024-11-09 12:20:24
(1 month ago)
Unauthorized IMAP connection attempt
Brute-Force
Anonymous
2024-11-07 05:25:07
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-10-26 17:06:00
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 26 13:05:56.828081 2024] [security2:error] [pid 5780:tid 5780] [client 185.192.16.38:56787] [client 185.192.16.38] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||loriatrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "loriatrading.com"] [uri "/www.sql"] [unique_id "Zx0hdB8sadcdaYzrFqvZlwAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 12:44:15
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 08:44:12.201108 2024] [security2:error] [pid 8384:tid 8384] [client 185.192.16.38:40313] [client 185.192.16.38] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ezecredit.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ezecredit.net"] [uri "/back/mysql.sql"] [unique_id "Zw0SHJNaw3ererDBDzqHZwAAABw"] show less
Brute-Force
Bad Web Bot
Web App Attack
hbrks
2024-06-23 01:39:03
(5 months ago)
HEAD http://epay.world/back/dump.sql
Web Spam
Web Spam
Hacking
Hacking
Bad Web Bot
Bad Web Bot
TPI-Abuse
2024-06-19 15:50:04
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 19 11:49:59.537454 2024] [security2:error] [pid 14052] [client 185.192.16.38:4813] [client 185.192.16.38] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||csgohub.gg|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "csgohub.gg"] [uri "/sql.sql"] [unique_id "ZnL-J7F82Wh62x-6ktkdCAAAAAk"] show less
Brute-Force
Brute-Force
Bad Web Bot
Bad Web Bot
Web App Attack
Web App Attack
TPI-Abuse
2024-05-31 10:40:43
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 31 06:40:40.266020 2024] [security2:error] [pid 17142] [client 185.192.16.38:21891] [client 185.192.16.38] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||swhowell.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "swhowell.com"] [uri "/back/wallet.dat"] [unique_id "ZlmpKJInsDXtoSZtA3fWRgAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-05-18 05:37:09
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 185.192.16.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 18 01:37:04.986046 2024] [security2:error] [pid 13250] [client 185.192.16.38:13271] [client 185.192.16.38] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||qcryptocoin.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "qcryptocoin.com"] [uri "/bak/sql.sql"] [unique_id "Zkg-gHpbmpJXwhfvUMdi9QAAACI"] show less
Brute-Force
Bad Web Bot
Web App Attack