cmbplf
2024-06-02 18:07:07
(7 months ago)
252 requests to */.well-known/pki-validation/*.php
Brute-Force
Bad Web Bot
10dencehispahard SL
2024-05-28 07:00:05
(7 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
SaferWeb
2024-05-27 23:31:10
(7 months ago)
#2 (Annoying-bot) Annoying bot triggerd 212.30.36.210 (DE/Germany/-): 1 in the last 600 secs; Ports: ... show more #2 (Annoying-bot) Annoying bot triggerd 212.30.36.210 (DE/Germany/-): 1 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less
Bad Web Bot
Web App Attack
TPI-Abuse
2024-05-23 16:07:12
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 212.30.36.210 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 23 12:07:07.180734 2024] [security2:error] [pid 6382] [client 212.30.36.210:25369] [client 212.30.36.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mindtoken.app|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mindtoken.app"] [uri "/restore/wallet.dat"] [unique_id "Zk9pq394l7W0rYr_VH6bBAAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-05-13 09:18:01
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 212.30.36.210 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 13 05:17:53.880133 2024] [security2:error] [pid 4134047:tid 47100977407744] [client 212.30.36.210:60001] [client 212.30.36.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||honorac.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "honorac.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZkHawRpwaXBtQEDyJsIuyQAAAgE"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-05-12 13:02:59
(8 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
hbrks
2024-05-11 07:26:02
(8 months ago)
HEAD http://ncs.guru/back/www.sql * statusCode: 503 *
Web Spam
Hacking
Bad Web Bot
syokadmin
2024-05-04 16:18:34
(8 months ago)
212.30.36.210 (DE/Germany/-), more than 2 Apache 403 hits in the last 3600 secs
Brute-Force
INTEQ
2024-05-04 15:09:26
(8 months ago)
Web attack from 212.30.36.210
Web App Attack
Anonymous
2024-05-04 03:00:09
(8 months ago)
Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096, ... show more Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096,3306,2195; Direction: 0; Trigger: LF_CUSTOMTRIGGER show less
Brute-Force
SSH
mnsf
2024-05-03 11:05:23
(8 months ago)
Too many Status 40X (25)
Brute-Force
Web App Attack
10dencehispahard SL
2024-04-25 03:01:52
(8 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
TPI-Abuse
2024-04-18 01:07:15
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 212.30.36.210 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 17 21:07:09.849216 2024] [security2:error] [pid 15513] [client 212.30.36.210:7595] [client 212.30.36.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.nationalenq.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nationalenq.com"] [uri "/backup.sql"] [unique_id "ZiByPRkD4-f8bnj5Ki5QVwAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-03-26 12:34:08
(9 months ago)
Form spam
Web Spam
MAGIC
2024-03-22 02:08:50
(10 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot