Burayot
2024-07-05 17:23:06
(6 months ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 188.212.135.19 (PL/Poland/-): 2 in t ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 188.212.135.19 (PL/Poland/-): 2 in the last 3600 secs show less
Web App Attack
hbrks
2024-07-04 05:02:15
(6 months ago)
HEAD http://epay.worldHEAD /bak/sql.sql HTTP/1.1
Web Spam
Hacking
Bad Web Bot
hbrks
2024-07-04 01:14:55
(6 months ago)
HEAD http://epay.worldHEAD /old/public_html.rar HTTP/1.1
Web Spam
Hacking
Bad Web Bot
TPI-Abuse
2024-06-30 10:48:52
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 30 06:48:44.353951 2024] [security2:error] [pid 22765] [client 188.212.135.19:19951] [client 188.212.135.19] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "doubloonswap.com"] [uri "/bak/sftp-config.json"] [unique_id "ZoE4DDeQRZNIobv7YUBqbAAAACQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-06-03 19:11:06
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 03 15:10:59.867514 2024] [security2:error] [pid 1854074] [client 188.212.135.19:45901] [client 188.212.135.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||prostar.industries|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "prostar.industries"] [uri "/restore/www.sql"] [unique_id "Zl4VQ098FtNOE8OpEfI6kwAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-05-20 15:08:24
(8 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
backslash
2024-05-19 06:38:45
(8 months ago)
Web Spam
10dencehispahard SL
2024-05-18 19:00:02
(8 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
Anonymous
2024-04-29 08:18:17
(8 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-26 00:52:48
(9 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-24 01:21:25
(9 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-22 02:48:49
(9 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-04-18 13:33:44
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 188.212.135.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 18 09:33:37.702143 2024] [security2:error] [pid 32059] [client 188.212.135.19:2649] [client 188.212.135.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||cryptoedge.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cryptoedge.net"] [uri "/bak/mysql.sql"] [unique_id "ZiEhMUuseCGQRLO_BIDbvwAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-03-02 22:36:18
(10 months ago)
Form spam
Web Spam
oncord
2024-03-01 18:29:28
(10 months ago)
Form spam
Web Spam