MAGIC
2024-11-30 17:00:26
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-10-29 05:36:02
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 29 01:35:56.228823 2024] [security2:error] [pid 28904:tid 28904] [client 188.212.135.19:55983] [client 188.212.135.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.mindtoken.app|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mindtoken.app"] [uri "/back/mysql.sql"] [unique_id "ZyB0PHZp3eZCKYShzSULKAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-23 06:36:02
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 23 02:35:55.204710 2024] [security2:error] [pid 15493:tid 15493] [client 188.212.135.19:28937] [client 188.212.135.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||intercotrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "intercotrading.com"] [uri "/bak/sql.sql"] [unique_id "ZxiZS-UNz8ltucpZlfk6CQAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-09 21:41:33
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 09 17:41:25.144929 2024] [security2:error] [pid 3531:tid 3531] [client 188.212.135.19:36429] [client 188.212.135.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||firejasstrio.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "firejasstrio.com"] [uri "/old/mysql.sql"] [unique_id "Zwb4hQSj7h6duSfrFlK8vwAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-08 16:50:18
(2 months ago)
Malicious activity detected
Hacking
Web App Attack
TPI-Abuse
2024-09-24 11:55:45
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 07:55:38.453269 2024] [security2:error] [pid 29519:tid 29519] [client 188.212.135.19:57955] [client 188.212.135.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bayareamustangs.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bayareamustangs.com"] [uri "/bak/backup.sql"] [unique_id "ZvKoullirX7E7VrZNgJaeQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
RF68
2024-09-24 07:13:36
(2 months ago)
188.212.135.19 [23/Sep/2024 * Spam host detected, probing for vulnerabilities]
Web Spam
Exploited Host
Web App Attack
TPI-Abuse
2024-07-30 23:02:52
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 30 19:02:44.418912 2024] [security2:error] [pid 24503:tid 24503] [client 188.212.135.19:43271] [client 188.212.135.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.crypto-stamps.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.crypto-stamps.com"] [uri "/restore/mysql.sql"] [unique_id "ZqlxFHMaFbzcYOy6j2j0jQAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Burayot
2024-07-05 17:23:06
(5 months ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 188.212.135.19 (PL/Poland/-): 2 in t ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 188.212.135.19 (PL/Poland/-): 2 in the last 3600 secs show less
Web App Attack
hbrks
2024-07-04 05:02:15
(5 months ago)
HEAD http://epay.worldHEAD /bak/sql.sql HTTP/1.1
Web Spam
Hacking
Bad Web Bot
hbrks
2024-07-04 01:14:55
(5 months ago)
HEAD http://epay.worldHEAD /old/public_html.rar HTTP/1.1
Web Spam
Hacking
Bad Web Bot
TPI-Abuse
2024-06-30 10:48:52
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 30 06:48:44.353951 2024] [security2:error] [pid 22765] [client 188.212.135.19:19951] [client 188.212.135.19] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "doubloonswap.com"] [uri "/bak/sftp-config.json"] [unique_id "ZoE4DDeQRZNIobv7YUBqbAAAACQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-06-03 19:11:06
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 03 15:10:59.867514 2024] [security2:error] [pid 1854074] [client 188.212.135.19:45901] [client 188.212.135.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||prostar.industries|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "prostar.industries"] [uri "/restore/www.sql"] [unique_id "Zl4VQ098FtNOE8OpEfI6kwAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-05-20 15:08:24
(6 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
backslash
2024-05-19 06:38:45
(6 months ago)
Web Spam