Anonymous
2024-09-28 19:24:05
(4 days ago)
Probing to gain illegal access
Web App Attack
TPI-Abuse
2024-09-19 03:25:49
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 212.30.36.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 18 23:25:46.619238 2024] [security2:error] [pid 13476:tid 13476] [client 212.30.36.99:51239] [client 212.30.36.99] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||krupaandsons.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "krupaandsons.com"] [uri "/backup/mysql.sql"] [unique_id "ZuuZunPKhWCFaKlon4UjEgAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-09-03 14:16:51
(1 month ago)
Form spam
Web Spam
MAGIC
2024-09-03 08:01:04
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-08-21 21:54:58
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 212.30.36.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 21 17:54:41.116245 2024] [security2:error] [pid 22350:tid 22350] [client 212.30.36.99:54649] [client 212.30.36.99] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||olimpiacerda.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "olimpiacerda.com"] [uri "/backups/dump.sql"] [unique_id "ZsZiITndOfp0tAOv6j42sgAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-08-14 10:09:59
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-07-22 05:37:40
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 212.30.36.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 22 01:37:25.936234 2024] [security2:error] [pid 553169:tid 553169] [client 212.30.36.99:14475] [client 212.30.36.99] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||barnesandbrower.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "barnesandbrower.com"] [uri "/restore/mysql.sql"] [unique_id "Zp3wFT8W45QXl2b2kz0DEAAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-07-21 04:07:56
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-07-19 09:02:09
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 212.30.36.99 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 212.30.36.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 19 05:01:52.757220 2024] [security2:error] [pid 30212:tid 30212] [client 212.30.36.99:26683] [client 212.30.36.99] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||towlesilvapsychotherapy.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "towlesilvapsychotherapy.com"] [uri "/wallet.dat"] [unique_id "ZporgPkVWTsy6jXmcPdJPgAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
archiv-pm
2024-07-07 05:53:33
(2 months ago)
Probing for resource vulnerabilities HTTP(S)
Web App Attack
Linuxmalwarehuntingnl
2024-07-01 10:38:11
(3 months ago)
Unauthorized connection attempt
Brute-Force
Admins@FBN
2024-06-24 22:30:33
(3 months ago)
FW-PortScan: Traffic Blocked srcport=28791 dstport=443
Port Scan
hbrks
2024-06-21 06:36:47
(3 months ago)
HEAD http://ncs.guru/backup/directory.tar.gz
Web Spam
Web Spam
Hacking
Hacking
Bad Web Bot
Bad Web Bot
oncord
2024-06-19 15:39:28
(3 months ago)
Form spam
Web Spam
Web Spam
MAGIC
2024-06-19 06:07:04
(3 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
DDoS Attack
Bad Web Bot
Bad Web Bot