MAGIC
2025-02-09 17:03:29
(2 days ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
VHosting
2025-02-04 02:41:14
(1 week ago)
Attempt from 199.127.61.75, reason: TooManyBadRequests
DDoS Attack
Bad Web Bot
ecodehost.com
2025-02-03 01:56:43
(1 week ago)
Domain : topconmk.com
Rule : hack
2025-02-03 01:54:54 10.100.1.20 GET /index.php Itemid= ... show more Domain : topconmk.com
Rule : hack
2025-02-03 01:54:54 10.100.1.20 GET /index.php Itemid=95 show less
Hacking
SQL Injection
Brute-Force
Information Security
2025-02-02 13:15:28
(1 week ago)
Web App Attack
Web App Attack
MAGIC
2025-02-01 02:10:42
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Information Security
2025-01-24 00:58:21
(2 weeks ago)
Web App Attack
Web App Attack
TPI-Abuse
2025-01-23 01:05:18
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 199.127.61.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 199.127.61.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 22 20:05:12.282734 2025] [security2:error] [pid 10957:tid 11043] [client 199.127.61.75:50146] [client 199.127.61.75] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||unitedonegroup.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "unitedonegroup.com"] [uri "/index.php"] [unique_id "Z5GVyAIndVLah-mKtPQqPAAAAJM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-22 22:25:49
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 199.127.61.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 199.127.61.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 22 17:25:42.044705 2025] [security2:error] [pid 14613:tid 14613] [client 199.127.61.75:56393] [client 199.127.61.75] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||stragar.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "stragar.com"] [uri "/index.php"] [unique_id "Z5FwZgifvgwOlHHEJRLZwAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-22 15:46:16
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 199.127.61.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 199.127.61.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 22 10:46:11.258868 2025] [security2:error] [pid 30901:tid 30901] [client 199.127.61.75:49274] [client 199.127.61.75] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.shukrisharawico.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.shukrisharawico.com"] [uri "/module.php"] [unique_id "Z5ESw7TIEkluAiVEbMnjSgAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
FeG Deutschland
2025-01-22 15:11:21
(2 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
TPI-Abuse
2025-01-22 15:03:07
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 199.127.61.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 199.127.61.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 22 10:03:01.107944 2025] [security2:error] [pid 6451:tid 6451] [client 199.127.61.75:54077] [client 199.127.61.75] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.beach98.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.beach98.com"] [uri "/properties-detail.php"] [unique_id "Z5EIpSZ4umB9cRVlJe0dsQAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
Aetherweb Ark
2025-01-22 15:00:12
(2 weeks ago)
(mod_security) mod_security (id:210350) triggered by 199.127.61.75 (US/United States/-): N in the la ... show more (mod_security) mod_security (id:210350) triggered by 199.127.61.75 (US/United States/-): N in the last X secs show less
Web App Attack
tjs
2025-01-22 11:55:00
(2 weeks ago)
web attack, SQL injection attempt
Hacking
SQL Injection
Web App Attack
TheMadBeaker
2025-01-22 02:36:19
(3 weeks ago)
Fail2Ban Ban Triggered
HTTP SQL Injection Attempt
Hacking
SQL Injection
TPI-Abuse
2025-01-22 02:28:25
(3 weeks ago)
(mod_security) mod_security (id:210350) triggered by 199.127.61.75 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 199.127.61.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 21 21:28:18.941190 2025] [security2:error] [pid 15841:tid 15841] [client 199.127.61.75:54908] [client 199.127.61.75] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.urbanreinventors.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.urbanreinventors.net"] [uri "/paper.php"] [unique_id "Z5BXwstOgHLwdyjDIPicrwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack