sms.ru
2024-12-07 07:48:34
(5 days ago)
/wp-admin/maint/wp-damin.php
Web App Attack
mnsf
2024-12-07 03:06:27
(6 days ago)
Too many Status 40X (16)
Brute-Force
Web App Attack
TPI-Abuse
2024-12-04 22:05:14
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.57 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 17:05:11.322528 2024] [security2:error] [pid 11077:tid 11077] [client 212.30.33.57:65215] [client 212.30.33.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bitcointoolfair.com"] [uri "/sftp-config.json"] [unique_id "Z1DSF4ROCKutn0ebmC6h-AAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
mawan
2024-12-02 00:04:03
(1 week ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Dmitriy Erokhin
2024-11-27 06:00:04
(2 weeks ago)
Brute-Force
MAGIC
2024-11-27 04:11:12
(2 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
MAGIC
2024-11-19 05:01:55
(3 weeks ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
oncord
2024-11-17 19:13:09
(3 weeks ago)
Form spam
Web Spam
MAGIC
2024-11-15 03:03:22
(4 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
oncord
2024-11-08 18:43:57
(1 month ago)
Form spam
Web Spam
MAGIC
2024-11-08 15:02:37
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
penjaga BRIN
2024-10-09 10:14:44
(2 months ago)
SQL injection attempt.-112
Web App Attack
TPI-Abuse
2024-10-04 17:58:26
(2 months ago)
(mod_security) mod_security (id:220150) triggered by 212.30.33.57 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:220150) triggered by 212.30.33.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 04 13:56:06.844339 2024] [security2:error] [pid 3958015:tid 3958015] [client 212.30.33.57:19153] [client 212.30.33.57] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.*\\\\*\\\\/)?select)" at ARGS:tree. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5671"] [id "220150"] [rev "4"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||www.kountz.org|F|2"] [data "kountz/**/)/**/union/**/all/**/select/**/(chr(82)||chr(50)||chr(102)||chr(122)||(case/**/when/**/(3740=3740)/**/then/**/1/**/else/**/0/**/end)||chr(99)||chr(66)||chr(76)||chr(67))/**//**/--/**/-"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.kountz.org"] [uri "/famsearch.php"] [unique_id "ZwAsNnI1MJbk8_fO2adjjwAAABs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-30 07:09:54
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.57 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 30 03:08:12.637469 2024] [security2:error] [pid 3726:tid 3726] [client 212.30.33.57:59895] [client 212.30.33.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "needtoorderprinting.com"] [uri "/platform/.env"] [unique_id "ZvpOXHACZtnSzEBB5nxQggAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-23 18:13:35
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.57 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 23 14:13:18.728209 2024] [security2:error] [pid 5374:tid 5374] [client 212.30.33.57:3653] [client 212.30.33.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.10mostwantedfugitives.com"] [uri "/platform/.env"] [unique_id "ZvGvvmQmanXsmD7z5HDi7AAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack