๐ฆ๐บ
MAGIC
2025-02-04 07:01:56
(1 year ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-01-22 10:16:40
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 sec ...
show more
(mod_security) mod_security (id:210730) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 22 05:16:34.162804 2025] [security2:error] [pid 31444:tid 31468] [client 2a00:1b88:4::4:45212] [client 2a00:1b88:4::4] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||georgementz.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "georgementz.com"] [uri "/db.sql"] [unique_id "Z5DFgmfQg-3UMgz-CKMndgAAAJU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-01-21 11:56:37
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 sec ...
show more
(mod_security) mod_security (id:210730) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 21 06:56:33.489055 2025] [security2:error] [pid 3576774:tid 3576774] [client 2a00:1b88:4::4:49376] [client 2a00:1b88:4::4] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||antonyg.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "antonyg.com"] [uri "/db.sql"] [unique_id "Z4-LcUsl0O5GFxjGlFgk3QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
exxos
2025-01-16 16:23:30
(1 year ago)
php-rapid-access attacks
DDoS Attack
๐ต๐ฑ
sefinek.net
2025-01-14 22:51:46
(1 year ago)
Triggered Cloudflare WAF (firewallCustom) from T1.
Action taken: BLOCK
ASN: 29075 (IELO IELO Main Ne ...
show more
Triggered Cloudflare WAF (firewallCustom) from T1.
Action taken: BLOCK
ASN: 29075 (IELO IELO Main Network)
Protocol: HTTP/2 (GET method)
Endpoint: /blocklist-generator/rpz
Timestamp: 2025-01-14T21:43:44Z
Ray ID: 9020cda4ec6101bf
UA: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0
Report generated by Cloudflare-WAF-To-AbuseIPDB:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-01-07 06:15:27
(1 year ago)
(mod_security) mod_security (id:220150) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 sec ...
show more
(mod_security) mod_security (id:220150) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 07 01:15:20.017218 2025] [security2:error] [pid 19274:tid 19274] [client 2a00:1b88:4::4:35562] [client 2a00:1b88:4::4] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.{0,399}\\\\*\\\\/)?select)" at ARGS:term. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||rochesterhistorical.org|F|2"] [data "aaa'unionselect1,sleep(6),3---"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rochesterhistorical.org"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Z3zGeOkIGAd1UZbRWhjqogAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-12-31 05:04:40
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 sec ...
show more
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 31 00:04:34.330139 2024] [security2:error] [pid 8374:tid 8374] [client 2a00:1b88:4::4:60688] [client 2a00:1b88:4::4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.kuddlkat.com"] [uri "/.git/config"] [unique_id "Z3N7Ysa6QkQWyu1V5iUF8QAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
afleventoffice.com.au
2024-12-31 00:24:27
(1 year ago)
GET /admin HTTP/1.1
Web App Attack
๐ซ๐ท
Nicolmn
2024-12-30 02:02:40
(1 year ago)
Web form spam ( id b-hmmm.l )
Web Spam
๐บ๐ธ
TPI-Abuse
2024-12-18 00:09:18
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 sec ...
show more
(mod_security) mod_security (id:210730) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 17 19:09:14.270104 2024] [security2:error] [pid 1712:tid 1712] [client 2a00:1b88:4::4:51294] [client 2a00:1b88:4::4] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kdgsf.xyz|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kdgsf.xyz"] [uri "/wordpress.sql"] [unique_id "Z2ISqtL9DDrocYCcmC2r-QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-12-17 04:19:32
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 sec ...
show more
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 16 23:19:28.234697 2024] [security2:error] [pid 19302:tid 19302] [client 2a00:1b88:4::4:39078] [client 2a00:1b88:4::4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.creativeartstasmania.com"] [uri "/.git/config"] [unique_id "Z2D70GHIvvep7TbVaLUfdwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-12-16 12:39:33
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 sec ...
show more
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 16 07:39:28.786621 2024] [security2:error] [pid 29289:tid 29289] [client 2a00:1b88:4::4:39876] [client 2a00:1b88:4::4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marjosse.com"] [uri "/larafirst/.env"] [unique_id "Z2AfgKx3CeIIxLuplpezjAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-12-13 00:16:12
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 sec ...
show more
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 12 19:16:08.024075 2024] [security2:error] [pid 2246647:tid 2246647] [client 2a00:1b88:4::4:53788] [client 2a00:1b88:4::4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rachelfia.com"] [uri "/wp-config.phped"] [unique_id "Z1t8yIzH1NlhlpSdV6-58gAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-12-11 19:13:21
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 sec ...
show more
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 11 14:13:13.284872 2024] [security2:error] [pid 1100987:tid 1100987] [client 2a00:1b88:4::4:47386] [client 2a00:1b88:4::4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bigislandhawaiirealty.com"] [uri "/.git/config"] [unique_id "Z1nkSSMrPIR1BYHximKHIQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-12-03 13:47:39
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 sec ...
show more
(mod_security) mod_security (id:210492) triggered by 2a00:1b88:4::4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 03 08:47:33.976980 2024] [security2:error] [pid 29160:tid 29160] [client 2a00:1b88:4::4:54996] [client 2a00:1b88:4::4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.oldtowntownship-il.gov"] [uri "/.git/config"] [unique_id "Z08L9b-QCp_bizHkyLJQFQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack