diego
|
|
Events: TCP SYN Discovery or Flooding, Seen 6 times in the last 10800 seconds
|
DDoS Attack
|
|
diego
|
|
Events: TCP SYN Discovery or Flooding, Seen 3 times in the last 10800 seconds
|
DDoS Attack
|
|
diego
|
|
Events: TCP SYN Discovery or Flooding, Seen 17 times in the last 10800 seconds
|
DDoS Attack
|
|
diego
|
|
Events: TCP SYN Discovery or Flooding, Seen 3 times in the last 10800 seconds
|
DDoS Attack
|
|
sefinek.net
|
|
Triggered Cloudflare WAF (firewallCustom) from AT.
Action taken: CHALLENGE
ASN: 212238 ( ... show moreTriggered Cloudflare WAF (firewallCustom) from AT.
Action taken: CHALLENGE
ASN: 212238 (CDNEXT)
Protocol: HTTP/1.1 (method GET)
Domain: sefinek.net
Endpoint: /genshin-stella-mod
Timestamp: 2024-10-05T22:15:21Z
Ray ID: 8ce0c5188f8d5ba3
Rule ID: cc5e7a6277d447eca9c1818934ba65c8
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68
Report generated by Node-Cloudflare-WAF-AbuseIPDB https://github.com/sefinek24/Node-Cloudflare-WAF-AbuseIPDB show less
|
Bad Web Bot
|
|
sefinek.net
|
|
Triggered Cloudflare WAF (firewallCustom) from AT.
Action taken: CHALLENGE
ASN: 212238 ( ... show moreTriggered Cloudflare WAF (firewallCustom) from AT.
Action taken: CHALLENGE
ASN: 212238 (CDNEXT)
Protocol: HTTP/1.1 (method GET)
Domain: sefinek.net
Endpoint: /genshin-stella-mod
Timestamp: 2024-10-05T05:18:03Z
Ray ID: 8cdaf2e6b8f95b4b
Rule ID: cc5e7a6277d447eca9c1818934ba65c8
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36
Report generated by Node-Cloudflare-WAF-AbuseIPDB https://github.com/sefinek24/Node-Cloudflare-WAF-AbuseIPDB show less
|
Bad Web Bot
|
|
Xuan Can
|
|
(mod_security) mod_security (id:6) triggered by 37.19.223.215 (AT/Austria/unn-37-19-223-215.datapack ... show more(mod_security) mod_security (id:6) triggered by 37.19.223.215 (AT/Austria/unn-37-19-223-215.datapacket.com): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 04 16:03:34.785361 2024] [security2:error] [pid 3932:tid 3962] [client 37.19.223.215:50233] [client 37.19.223.215] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "63"] [id "6"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/wp-login.php"] [unique_id "Zv-vZp3oiJdSEU0s_MjDvgAAAEM"], referer: https://kb.pavietnam.vn/rss-la-gi.html show less
|
Brute-Force
SSH
|
|
sefinek.net
|
|
Triggered Cloudflare WAF (firewallCustom) from AT.
Action taken: CHALLENGE
ASN: 212238 ( ... show moreTriggered Cloudflare WAF (firewallCustom) from AT.
Action taken: CHALLENGE
ASN: 212238 (CDNEXT)
Protocol: HTTP/1.1 (method GET)
Domain: sefinek.net
Endpoint: /
Timestamp: 2024-09-30T03:20:07Z
Ray ID: 8cb11343ef0a5b7f
Rule ID: cc5e7a6277d447eca9c1818934ba65c8
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51
Report generated by Node-Cloudflare-WAF-AbuseIPDB https://github.com/sefinek24/Node-Cloudflare-WAF-AbuseIPDB show less
|
Bad Web Bot
|
|
georgengelmann
|
|
Port scan from unn-37-19-223-215.datapacket.com
|
Port Scan
|
|
TheMadBeaker
|
|
Fail2Ban Ban Triggered
Wordpress Attack Attempt
|
Brute-Force
Web App Attack
|
|
georgengelmann
|
|
Port scan from unn-37-19-223-215.datapacket.com
|
Port Scan
|
|
BestFans.com
|
|
Credential brute-force attacks on webpage logins
|
Brute-Force
|
|
saima.info
|
|
Port scanning, proxy abuse
|
Port Scan
Brute-Force
|
|
saima.info
|
|
Port scanning, proxy abuse
|
Port Scan
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 37.19.223.215 (unn-37-19-223-215.datapacket.com ... show more(mod_security) mod_security (id:210730) triggered by 37.19.223.215 (unn-37-19-223-215.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 18 12:37:33.750882 2024] [security2:error] [pid 14116:tid 47748392285952] [client 37.19.223.215:30098] [client 37.19.223.215] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||woadwellness.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "woadwellness.com"] [uri "/mailto:[email protected]"] [unique_id "Zalh3XaSs0-qxamHkl9ktwAAAQA"], referer: http://woadwellness.com/contactus.html show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|