LRob.fr
2025-02-15 07:00:27
(3 hours ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
oncord
2025-02-14 11:30:03
(23 hours ago)
Form spam
Web Spam
SkyDancer
2025-02-12 14:00:04
(2 days ago)
Multiple web intrusion attempts or RDP/SSH hacking using wrong credentials. Attack automatically blo ... show more Multiple web intrusion attempts or RDP/SSH hacking using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-Ai-D show less
Hacking
Brute-Force
SSH
Rizzy
2025-02-11 02:53:34
(4 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
el-brujo
2025-02-10 02:20:59
(5 days ago)
DDoS Attack Layer 7 Silent Bot
DDoS Attack
ozisp.com.au
2025-02-09 02:40:12
(6 days ago)
UA__<33>1739068811 [1:2522066:5793] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group ... show more UA__<33>1739068811 [1:2522066:5793] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 67 [Classification: Misc Attack] [Priority: 2] {TCP} 195.160.220.104:34940 show less
Open Proxy
MAGIC
2025-02-08 10:04:39
(1 week ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2025-02-07 20:27:40
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 195.160.220.104 (dedicated.sollutium.com): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 195.160.220.104 (dedicated.sollutium.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 07 15:27:36.339202 2025] [security2:error] [pid 1142:tid 1142] [client 195.160.220.104:40166] [client 195.160.220.104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chicmeow.com"] [uri "/wp-config.php.maj"] [unique_id "Z6ZsuA4cftw8qStao5ZS_wAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
niceshops.com
2025-02-06 23:21:43
(1 week ago)
Web Attack multi (Feb 25 00:21:43 Matching rules: Detect possible SQL injection - E.g. Waitfor .. D ... show more Web Attack multi (Feb 25 00:21:43 Matching rules: Detect possible SQL injection - E.g. Waitfor .. Delay ) show less
SQL Injection
Brute-Force
Bad Web Bot
Web App Attack
gu-alvareza
2025-02-06 07:06:34
(1 week ago)
PHP.CGI.Argument.Injection
SQL Injection
Web App Attack
TPI-Abuse
2025-02-04 15:39:28
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 195.160.220.104 (dedicated.sollutium.com): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 195.160.220.104 (dedicated.sollutium.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 04 10:39:25.577100 2025] [security2:error] [pid 304700:tid 304700] [client 195.160.220.104:49442] [client 195.160.220.104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eb5coalition.org"] [uri "/wp-config.php2"] [unique_id "Z6I0rUUsG9gWJ3d6PcdBJwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
oncord
2025-02-04 15:17:12
(1 week ago)
Form spam
Web Spam
paissangroup
2025-02-01 03:14:55
(2 weeks ago)
Multiple WAF Violations
Web App Attack
oncord
2025-01-31 11:47:08
(2 weeks ago)
Form spam
Web Spam
TPI-Abuse
2025-01-30 17:50:19
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 195.160.220.104 (dedicated.sollutium.com): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 195.160.220.104 (dedicated.sollutium.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 30 12:50:15.980690 2025] [security2:error] [pid 27730:tid 27881] [client 195.160.220.104:60896] [client 195.160.220.104] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||atlasrecordssearch.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "atlasrecordssearch.com"] [uri "/lasrecordssearch.sql"] [unique_id "Z5u71znqAOB64Xv7XyxhHAAAANU"] show less
Brute-Force
Bad Web Bot
Web App Attack