DerDoktor
2024-08-28 08:31:38
(1 week ago)
Aug 28 10:31:36
Fail2ban action triggered
Brute-Force
Anonymous
2024-08-27 05:50:20
(1 week ago)
apache-wordpress-login
Brute-Force
Web App Attack
oncord
2024-08-27 05:47:00
(1 week ago)
Form spam
Web Spam
VHosting
2024-08-27 00:12:26
(1 week ago)
Attempt from 204.8.96.77, reason: FailedCaptchaVerify
DDoS Attack
Bad Web Bot
4server
2024-08-26 12:08:26
(1 week ago)
[MonAug2614:08:24.5076592024][security2:error][pid3387065:tid3387149][client204.8.96.77:0][client204 ... show more [MonAug2614:08:24.5076592024][security2:error][pid3387065:tid3387149][client204.8.96.77:0][client204.8.96.77]ModSecurity:Accessdeniedwithcode403\(phase2\).Stringmatchwithin\".asa/.asax/.ascx/.backup/.bak/.bat/.cdx/.cer/.cfg/.cmd/.com/.config/.conf/.cs/.csproj/.csr/.dat/.db/.dbf/.dll/.dos/.htr/.htw/.ida/.idc/.idq/.inc/.ini/.key/.licx/.lnk/.log/.mdb/.old/.pass/.pdb/.pol/.printer/.pwd/.rdb/.resources/.resx/.sql/.swp/.sys/.vb/.vbs/.vbproj/.vsdisco/.webinfo/.xsx/\"atTX:extension.[file\"/etc/apache2/conf.d/modsec_rules/00_asl_zz_strict.conf\"][line\"91\"][id\"390716\"][rev\"2\"][msg\"Atomicorp.comWAFRules:URLfileextensionisrestrictedbypolicy\"][data\".swp\"][severity\"ERROR\"][hostname\"giftech.ch\"][uri\"/.wp-config.php.swp\"][unique_id\"ZsxwOCNcE6rGpGiWvh9dlAAAAAo\"][MonAug2614:08:24.5222772024][security2:error][pid3387192:tid3387260][client204.8.96.77:0][client204.8.96.77]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"wp-config\\\\\\\\.php\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/ show less
Port Scan
Brute-Force
Web App Attack
TPI-Abuse
2024-08-24 23:37:56
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 204.8.96.77 (tor24.quintex.com): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 204.8.96.77 (tor24.quintex.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 24 19:37:51.708967 2024] [security2:error] [pid 32676:tid 32676] [client 204.8.96.77:38312] [client 204.8.96.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.whodatnation.com"] [uri "/wp-config.bak"] [unique_id "Zspuzy3f06x2LeD-d2Jy8wAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-08-23 18:00:15
(2 weeks ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Rizzy
2024-08-20 17:38:49
(2 weeks ago)
Multiple WAF Violations
Brute-Force
Web App Attack
Yawning Angel
2024-08-19 12:56:54
(2 weeks ago)
Hacking
Brute-Force
Anonymous
2024-08-18 20:45:27
(3 weeks ago)
Action: Block, Reason: DDOS attack detected
DDoS Attack
TPI-Abuse
2024-08-17 03:12:11
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 204.8.96.77 (tor24.quintex.com): 1 in the last ... show more (mod_security) mod_security (id:210492) triggered by 204.8.96.77 (tor24.quintex.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 16 23:12:05.848218 2024] [security2:error] [pid 26765:tid 26765] [client 204.8.96.77:39848] [client 204.8.96.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lowkeytiki.com"] [uri "/wp-config.php.sample"] [unique_id "ZsAVBY6HmEKTucP3xaMKuQAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
JPPO
2024-08-16 08:19:23
(3 weeks ago)
ET TOR Known Tor Exit Node Traffic group 80 ports , ports: 443(x1)
Port Scan
taivas.nl
2024-08-16 01:02:03
(3 weeks ago)
Wordpress_Attack
Web App Attack
TPI-Abuse
2024-08-14 22:48:00
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 204.8.96.77 (tor24.quintex.com): 1 in the last ... show more (mod_security) mod_security (id:210730) triggered by 204.8.96.77 (tor24.quintex.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 14 18:47:54.242060 2024] [security2:error] [pid 15334:tid 15334] [client 204.8.96.77:59812] [client 204.8.96.77] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kochcreative.com|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kochcreative.com"] [uri "/config.backup"] [unique_id "Zr00GhU_XPXtLepkBd4PeQAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
backslash
2024-08-14 13:50:05
(3 weeks ago)
block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8
Bad Web Bot