i-turnradio.nl
2024-08-11 20:25:05
(3 months ago)
2024-08-11 @ 22:25:04 (CET) ~ Blocked for trying to access: /erker/wp/wp-login.php
Web App Attack
TPI-Abuse
2024-08-05 23:35:05
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 19:34:56.783192 2024] [security2:error] [pid 29286:tid 29286] [client 217.138.202.61:47083] [client 217.138.202.61] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dudleyanddudley.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dudleyanddudley.com"] [uri "/bak/mysql.sql"] [unique_id "ZrFhoFaJrTMom2Fn9VcFeAAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-29 02:18:22
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 28 22:18:14.429987 2024] [security2:error] [pid 27982:tid 27982] [client 217.138.202.61:17413] [client 217.138.202.61] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.hodlmoser.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.hodlmoser.com"] [uri "/wallet.dat"] [unique_id "Zqb75uVP6wKMYebQxNkXCwAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
backslash
2024-07-28 05:09:09
(4 months ago)
Web Spam
Anonymous
2024-07-26 18:49:32
(4 months ago)
SPROVFR WEBFORM SPAM 217.138.202.61 (217.138.202.61)
Web Spam
maximonline.co.za
2024-07-26 16:27:04
(4 months ago)
Contact form spam.
Web Spam
oncord
2024-07-26 13:10:14
(4 months ago)
Form spam
Web Spam
TPI-Abuse
2024-07-22 21:49:28
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 22 17:49:22.824539 2024] [security2:error] [pid 5386:tid 5386] [client 217.138.202.61:58137] [client 217.138.202.61] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.spectorworld.com"] [uri "/backup/sftp-config.json"] [unique_id "Zp7T4jl_nDr_S_28H13DIgAAABo"] show less
Brute-Force
Bad Web Bot
Web App Attack
hbrks
2024-07-20 23:26:22
(4 months ago)
HEAD http://p4u.xyz/backup/archive.zip
Web Spam
Hacking
Bad Web Bot
TPI-Abuse
2024-07-20 23:12:34
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 20 19:12:27.577787 2024] [security2:error] [pid 19031:tid 19031] [client 217.138.202.61:59333] [client 217.138.202.61] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||nationalenq.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nationalenq.com"] [uri "/back/mysql.sql"] [unique_id "ZpxEW5r16TAcOntMzpS4pAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
hbrks
2024-07-15 23:50:32
(4 months ago)
HEAD http://epay.world/back/mysql.sql
Web Spam
Hacking
Bad Web Bot
TPI-Abuse
2024-07-15 23:42:13
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 15 19:42:05.174632 2024] [security2:error] [pid 307] [client 217.138.202.61:49299] [client 217.138.202.61] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.robcohn.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.robcohn.com"] [uri "/restore/dump.sql"] [unique_id "ZpWzzaLlmcWu_QWETzACzQAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
hbrks
2024-07-15 23:01:11
(4 months ago)
HEAD http://marche-be.com/backup/config.js
Web Spam
Hacking
Bad Web Bot
Anonymous
2024-07-14 04:09:10
(4 months ago)
Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096, ... show more Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096,3306,2195; Direction: 0; Trigger: LF_CUSTOMTRIGGER show less
Brute-Force
SSH
TPI-Abuse
2024-07-04 13:42:46
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 217.138.202.61 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 04 09:42:39.632061 2024] [security2:error] [pid 19880] [client 217.138.202.61:34607] [client 217.138.202.61] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ourhotmail.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ourhotmail.com"] [uri "/bak/sql.sql"] [unique_id "Zoamz2aKBw8_tB2deo_lggAAACc"] show less
Brute-Force
Bad Web Bot
Web App Attack