Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
Brute-Force
SSH
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 18 16:16:17.999433 2024] [security2:error] [pid 23564] [client 37.143.63.191:37709] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||acmax.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "acmax.com"] [uri "/index.php"] [unique_id "ZnHrEWU86G5zonAclH-6_wAAAAY"], referer: http://acmax.com/ show less
|
Brute-Force
Brute-Force
Bad Web Bot
Bad Web Bot
Web App Attack
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 18 01:18:35.905068 2024] [security2:error] [pid 1718219:tid 47380970632960] [client 37.143.63.191:33743] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||batonrougegazette.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "batonrougegazette.com"] [uri "/xmlrpc.php"] [unique_id "ZnEYqwRrCn2hJWb3o_2YIAAAAYI"], referer: https://batonrougegazette.com/ show less
|
Brute-Force
Brute-Force
Bad Web Bot
Bad Web Bot
Web App Attack
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
Brute-Force
SSH
SSH
|
|
oncord
|
|
Form spam
|
Web Spam
|
|
10dencehispahard SL
|
|
Unauthorized login attempts [ accesslogs]
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 30 13:32:00.046380 2024] [security2:error] [pid 17204] [client 37.143.63.191:59109] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.rohanbyles.com.au|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.rohanbyles.com.au"] [uri "/wp-login.php"] [unique_id "Zli4EGWHjB9yHbIcWBnd0AAAAAA"], referer: https://www.rohanbyles.com.au/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
David
|
|
SQLi - Libinject with Exceptions ATTACKS WEB
|
Hacking
SQL Injection
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 10 05:34:30.295142 2024] [security2:error] [pid 9076] [client 37.143.63.191:52741] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.nancyscafeandcatering.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.nancyscafeandcatering.com"] [uri "/wp-content/themes/eatery/nav.php"] [unique_id "Zj3qJnRp0O-eOFV7ecbFtwAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 25 04:01:51.828611 2024] [security2:error] [pid 20128] [client 37.143.63.191:61951] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||goldengatecorgis.org|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "goldengatecorgis.org"] [uri "/"] [unique_id "ZioN72J5ozwtP5kHWPudYAAAAAs"], referer: http://goldengatecorgis.org/?URL=https://www.mazafakas.com/user/profile/3866472 show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|