TPI-Abuse
2024-12-03 04:57:48
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 23:57:43.741033 2024] [security2:error] [pid 1378:tid 1378] [client 2a0b:f4c2:3::85:7307] [client 2a0b:f4c2:3::85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.sullico.com"] [uri "/.git/config"] [unique_id "Z06Px-pxG85c_bC7I-Rn5wAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
BlueWire Hosting
2024-11-23 05:10:08
(2 weeks ago)
Probing for Wordpress vulnerabilities
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-20 08:00:18
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 20 03:00:15.265423 2024] [security2:error] [pid 21194:tid 21194] [client 2a0b:f4c2:3::85:44205] [client 2a0b:f4c2:3::85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.millcitymakers.com"] [uri "/.git/config"] [unique_id "Zz2XD9F9ryY5sjfeitb3OQAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-08 18:30:07
(1 month ago)
| Multiple common web attacks from same source ip. (multiple servers)
Hacking
SQL Injection
Web App Attack
lyratris.com
2024-11-02 18:39:27
(1 month ago)
Layer 7 HTTP Flood
DDoS Attack
SCHAPPY
2024-09-29 01:41:08
(2 months ago)
Critical web app attack detected. URL file extension is restricted by policy
Web App Attack
TPI-Abuse
2024-09-04 19:18:03
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 04 15:17:55.847184 2024] [security2:error] [pid 2820141:tid 2820141] [client 2a0b:f4c2:3::85:36209] [client 2a0b:f4c2:3::85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.coastalpirates.com"] [uri "/.git/config"] [unique_id "ZtiyY2KCt38_bu5UeUdOoAAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-28 23:20:47
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 19:20:42.306684 2024] [security2:error] [pid 13539:tid 13539] [client 2a0b:f4c2:3::85:41405] [client 2a0b:f4c2:3::85] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ultratecnologia.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ultratecnologia.com"] [uri "/u.sql"] [unique_id "Zs-wylR_WT8HESW4hA4BvwAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-22 07:55:39
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 03:55:35.091563 2024] [security2:error] [pid 16946:tid 16946] [client 2a0b:f4c2:3::85:49891] [client 2a0b:f4c2:3::85] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||starvationacres.us|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "starvationacres.us"] [uri "/res.sql"] [unique_id "Zsbu91iOqqOpfzPCjtdK6QAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
Admins@FBN
2024-08-19 15:09:37
(3 months ago)
FW-PortScan: Traffic Blocked srcport=34449 dstport=443
Port Scan
TPI-Abuse
2024-08-18 23:37:40
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 19:37:35.618283 2024] [security2:error] [pid 26314:tid 26376] [client 2a0b:f4c2:3::85:25265] [client 2a0b:f4c2:3::85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.n30ew.com"] [uri "/.git/config"] [unique_id "ZsKFv9RWGCRR-0hYV6dtaAAAAZg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-18 06:28:55
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 02:28:49.777382 2024] [security2:error] [pid 8588:tid 8588] [client 2a0b:f4c2:3::85:8407] [client 2a0b:f4c2:3::85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.coconut-homes.com"] [uri "/.git/config"] [unique_id "ZsGUoV330yyF1NdsipbGlAAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-18 05:57:28
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 01:57:24.024594 2024] [security2:error] [pid 17826:tid 17826] [client 2a0b:f4c2:3::85:36105] [client 2a0b:f4c2:3::85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.buccinet.com"] [uri "/.git/config"] [unique_id "ZsGNRIzFjVn8jN26XmNv0AAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-18 00:29:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::85 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 17 20:29:45.351647 2024] [security2:error] [pid 7801:tid 7801] [client 2a0b:f4c2:3::85:51555] [client 2a0b:f4c2:3::85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.silvermoonpizza.com"] [uri "/.git/config"] [unique_id "ZsFAeQJMSwznPZ7dRvvx1QAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
4server
2024-08-10 06:48:50
(4 months ago)
[SatAug1008:48:47.7259132024][security2:error][pid3563561:tid3563609][client2a0b:f4c2:3::85:0][clien ... show more [SatAug1008:48:47.7259132024][security2:error][pid3563561:tid3563609][client2a0b:f4c2:3::85:0][client2a0b:f4c2:3::85]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"wp-content/uploads/.\*\\\\\\\\.ph\(\?:p\|tml\|t\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf\"][line\"5056\"][id\"382238\"][rev\"2\"][msg\"Atomicorp.comWAFRules-VirtualJustInTimePatch:PHPfileexecutioninuploadsdirectorydenied\"][data\"wp-content/uploads/mfw-activity-logger/csv-uploads/evil.php\"][severity\"CRITICAL\"][hostname\"prstartup.ch\"][uri\"/wp-content/uploads/mfw-activity-logger/csv-uploads/evil.php\"][unique_id\"ZrcNT1uT4YYyaqKl-NReiQAAAM8\"][SatAug1008:48:48.2733702024][security2:error][pid3563561:tid3563609][client2a0b:f4c2:3::85:0][client2a0b:f4c2:3::85]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"wp-content/uploads/.\*\\\\\\\\.ph\(\?:p\|tml\|t\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf\"][line\"5056\"][id\"382238\"][rev\"2\"][msg\"Atomicor show less
Port Scan
Brute-Force
Web App Attack