oncord
2024-12-07 13:14:38
(1 day ago)
Form spam
Web Spam
Progetto1
2024-12-06 01:54:06
(3 days ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
MSZ
2024-12-02 07:32:25
(6 days ago)
Blocked by Fail2Ban (plesk-modsecurity)
Hacking
Brute-Force
Web App Attack
jcbriar
2024-12-01 22:58:26
(1 week ago)
Searching for vulnerable scripts
Hacking
Web App Attack
thefoofighter
2024-12-01 04:54:32
(1 week ago)
[Sun Dec 01 04:54:16.569180 2024] [:error] [pid 3954236] [client 212.30.36.210:56007] [client 212.30 ... show more [Sun Dec 01 04:54:16.569180 2024] [:error] [pid 3954236] [client 212.30.36.210:56007] [client 212.30.36.210] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 13)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "63.250.44.172"] [uri "/.env.old"] [unique_id "Z0vr-CE-8IsnWuuSnGqYOgAAABQ"]
[Sun Dec 01 04:54:32.313105 2024] [:error] [pid 3954060] [client 212.30.36.210:46811] [client 212.30.36.210] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3
... show less
Bad Web Bot
Web App Attack
MAGIC
2024-11-30 05:04:00
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
david1117
2024-11-30 01:33:15
(1 week ago)
Bruteforcing Access to Web Application
Web App Attack
IoT Targeted
Anonymous
2024-11-23 17:00:07
(2 weeks ago)
| A web attack returned code 200 (success).
Hacking
SQL Injection
Web App Attack
TPI-Abuse
2024-11-23 11:34:47
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 212.30.36.210 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 23 06:34:44.227928 2024] [security2:error] [pid 26499:tid 26499] [client 212.30.36.210:1773] [client 212.30.36.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||localteaching.network|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "localteaching.network"] [uri "/old/backup.sql"] [unique_id "Z0G91EAC_gJ0X87T7OOXvwAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-11 00:35:07
(4 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
oncord
2024-11-07 19:38:33
(1 month ago)
Form spam
Web Spam
oncord
2024-11-06 06:18:12
(1 month ago)
Form spam
Web Spam
TPI-Abuse
2024-11-02 14:20:27
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 212.30.36.210 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 02 10:20:21.584385 2024] [security2:error] [pid 4003:tid 4003] [client 212.30.36.210:60769] [client 212.30.36.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bitcoinsquaretrade.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinsquaretrade.com"] [uri "/bak/backup.sql"] [unique_id "ZyY1JWbsLbSEw6EpJ2vvjAAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-10-23 18:00:47
(1 month ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
oncord
2024-10-15 14:28:57
(1 month ago)
Form spam
Web Spam