๐ท๐ธ
Smel
2025-10-30 04:33:08
(8 months ago)
Unauthorized Probe/Connection, Hack -
Port Scan
Hacking
๐ธ๐ฎ
borisperc
2025-08-03 10:36:26
(10 months ago)
Web Spam
Port Scan
Hacking
SQL Injection
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-18 11:27:18
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 18 07:27:13.008199 2025] [security2:error] [pid 16608:tid 16608] [client 23.154.177.21:31916] [client 23.154.177.21] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||weird.eco|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "weird.eco"] [uri "/wei.sql"] [unique_id "Z9lYkQWjQj9oFCBPt9K_OAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Packets-Decreaser.NET
2025-03-17 22:44:22
(1 year ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐ฆ๐บ
oncord
2025-02-28 01:55:51
(1 year ago)
Form spam
Web Spam
๐ช๐ธ
el-brujo
2025-02-10 02:20:59
(1 year ago)
DDoS Attack Layer 7 Silent Bot
DDoS Attack
๐บ๐ธ
TPI-Abuse
2025-01-24 11:42:04
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 24 06:42:01.098266 2025] [security2:error] [pid 9318:tid 9318] [client 23.154.177.21:31494] [client 23.154.177.21] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anouk.ee"] [uri "/wp-config.php-bak"] [unique_id "Z5N8iZyAGLlgjaCZEj_XCgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2025-01-23 11:45:32
(1 year ago)
23.154.177.21 - - [23/Jan/2025:13:44:39 +0200] "GET /wp-content/plugins/download-manager/readme.txt ...
show more
23.154.177.21 - - [23/Jan/2025:13:44:39 +0200] "GET /wp-content/plugins/download-manager/readme.txt HTTP/1.1" 404 2814 "-" "Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
23.154.177.21 - - [23/Jan/2025:13:44:39 +0200] "GET /wp-content/plugins/download-manager/readme.txt HTTP/1.1" 404 2815 "-" "Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ฉ๐ช
David Ferneding
2025-01-04 07:54:03
(1 year ago)
Part of large-scale ddos-attack, 158289 requests from this ip
DDoS Attack
๐ฆ๐บ
MAGIC
2025-01-01 14:01:12
(1 year ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2024-12-31 06:37:01
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 31 01:36:57.753984 2024] [security2:error] [pid 975452:tid 975452] [client 23.154.177.21:49130] [client 23.154.177.21] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.powerbypage.com"] [uri "/.git/config"] [unique_id "Z3ORCbUdZTM_m_STFSGpEAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-12-22 23:56:46
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 22 18:56:41.230045 2024] [security2:error] [pid 1283695:tid 1283695] [client 23.154.177.21:19614] [client 23.154.177.21] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lzbvi.com"] [uri "/wp-config.php_old2018"] [unique_id "Z2inOUw-h9UfljOUZyQ_FwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
niceshops.com
2024-12-19 03:33:39
(1 year ago)
Web Attack multi (Dec 24 04:33:38 Matching rules: Detect possible SQL injection - E.g. Sleep(5) )
SQL Injection
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-12-16 18:10:16
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 16 13:10:09.981353 2024] [security2:error] [pid 5689:tid 5689] [client 23.154.177.21:51098] [client 23.154.177.21] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newportfertility.com"] [uri "/wp-config.php_bk"] [unique_id "Z2BtAdxaX5sjrD_eJjn6CgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-12-15 09:13:42
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 23.154.177.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 15 04:13:35.016678 2024] [security2:error] [pid 3518:tid 3518] [client 23.154.177.21:41118] [client 23.154.177.21] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "penguinexpressmag.com"] [uri "/erp/.env"] [unique_id "Z16dv_51f3f-nBHywl28igAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack