TPI-Abuse
2024-12-05 04:37:51
(23 hours ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 23:37:44.837883 2024] [security2:error] [pid 14480:tid 14480] [client 188.212.135.129:44717] [client 188.212.135.129] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||sailingcharterburma.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sailingcharterburma.com"] [uri "/backups/backup.sql"] [unique_id "Z1EuGEOfvabC8lTmKiLDaAAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-30 15:50:43
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 10:50:41.066450 2024] [security2:error] [pid 17314:tid 17314] [client 188.212.135.129:63859] [client 188.212.135.129] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||casinoaffiliateprogramsonline.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "casinoaffiliateprogramsonline.com"] [uri "/old/backup.sql"] [unique_id "Z0s0UXb-qgOwHcnIHlCjZwAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
nyuuzyou
2024-11-12 10:01:27
(3 weeks ago)
Intensive scraping: /web?s=Residential%20construction%20California&country=th-th&scraper=mwmbl. User ... show more Intensive scraping: /web?s=Residential%20construction%20California&country=th-th&scraper=mwmbl. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5; rv:114.0) Gecko/20100101 Firefox/114.0. show less
Bad Web Bot
nyuuzyou
2024-11-08 16:40:47
(3 weeks ago)
Intensive scraping: /web?s=Luggage%20repair%20service%20Balance%20of%20Dane&country=ig-ig&scraper=wi ... show more Intensive scraping: /web?s=Luggage%20repair%20service%20Balance%20of%20Dane&country=ig-ig&scraper=wiby. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51. show less
Bad Web Bot
MAGIC
2024-11-02 20:00:29
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-10-25 00:17:17
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 24 20:17:13.907904 2024] [security2:error] [pid 11464:tid 11464] [client 188.212.135.129:19115] [client 188.212.135.129] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||asiabeef.network|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "asiabeef.network"] [uri "/restore/backup.sql"] [unique_id "ZxrjifEltmH4dkKb54GMMAAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-28 21:10:44
(2 months ago)
(mod_security) mod_security (id:227650) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:227650) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 28 17:10:37.604497 2024] [security2:error] [pid 19427:tid 19427] [client 188.212.135.129:1601] [client 188.212.135.129] ModSecurity: Access denied with code 403 (phase 2). String match "wp-login.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "2799"] [id "227650"] [rev "1"] [msg "COMODO WAF: XSS vulnerability in Nextend Facebook Connect plugin before 1.5.6 for WordPress (CVE-2015-4413)||joevallone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "joevallone.com"] [uri "/wp-login.php"] [unique_id "ZvhwzfrSOYp0_sWRDnyNAAAAABo"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-09-20 13:37:05
(2 months ago)
wordpress-trap
Web App Attack
hbrks
2024-08-07 14:35:50
(3 months ago)
HEAD http://marche-be.com/bak/public_html.gz
Web Spam
Hacking
Bad Web Bot
TPI-Abuse
2024-08-05 13:53:39
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 09:53:34.392445 2024] [security2:error] [pid 27687:tid 27687] [client 188.212.135.129:40723] [client 188.212.135.129] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||thegoldentether.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thegoldentether.com"] [uri "/old/backup.sql"] [unique_id "ZrDZXvHFxakbRt0G6v9YHQAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-04 08:17:35
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 04 04:17:29.118869 2024] [security2:error] [pid 18902:tid 47386975794944] [client 188.212.135.129:28479] [client 188.212.135.129] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bluetigertees.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bluetigertees.com"] [uri "/old/wallet.dat"] [unique_id "ZoZamRpSI0Od0Nlv2rTmcQAAAIc"] show less
Brute-Force
Bad Web Bot
Web App Attack
10dencehispahard SL
2024-06-30 10:04:53
(5 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
TPI-Abuse
2024-06-27 04:43:38
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 27 00:43:31.855043 2024] [security2:error] [pid 1238] [client 188.212.135.129:42205] [client 188.212.135.129] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bitcoinpornhub.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinpornhub.com"] [uri "/restore/sql.sql"] [unique_id "Znzt8ypgfKd1atrhlbjOzAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-06-21 15:33:03
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 188.212.135.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 21 11:33:00.189267 2024] [security2:error] [pid 1325] [client 188.212.135.129:2451] [client 188.212.135.129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "20e2lions.org"] [uri "/.env"] [unique_id "ZnWdLI08Via8M36eqso1qQAAAAU"] show less
Brute-Force
Brute-Force
Bad Web Bot
Bad Web Bot
Web App Attack
Web App Attack
10dencehispahard SL
2024-05-23 11:00:10
(6 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force