TPI-Abuse
2024-10-07 13:25:48
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 45.128.199.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 07 09:25:42.995464 2024] [security2:error] [pid 3866:tid 3866] [client 45.128.199.55:62295] [client 45.128.199.55] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||wethepeoplealliance.network|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wethepeoplealliance.network"] [uri "/back/sql.sql"] [unique_id "ZwPhVq5mAYrBhzi588YbEgAAABA"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-07 12:45:03
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 45.128.199.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 07 08:44:58.448112 2024] [security2:error] [pid 23262:tid 23262] [client 45.128.199.55:34851] [client 45.128.199.55] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||otrantocapital.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "otrantocapital.com"] [uri "/mysql.sql"] [unique_id "ZwPXyrWQXg0EkaJWhFEmCQAAAA4"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-05 04:06:35
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 45.128.199.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 05 00:06:26.406705 2024] [security2:error] [pid 28076:tid 28076] [client 45.128.199.55:31159] [client 45.128.199.55] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cryptoedge.net"] [uri "/backups/sftp-config.json"] [unique_id "ZwC7QhABKhFQMDm1ACUIPwAAABE"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-09-26 07:03:19
(1 week ago)
Ports: 25,110,143,993,995; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-09-20 15:43:19
(2 weeks ago)
Ports: 25,110,143,993,995; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
conexcol
2024-09-12 08:40:27
(3 weeks ago)
(smtpauth) Failed SMTP AUTH login from 45.128.199.55 (NL/The Netherlands/-): 5 in the last 3600 secs
Brute-Force
Anonymous
2024-09-12 02:34:48
(3 weeks ago)
Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH
Brute-Force
SSH
conexcol
2024-09-11 07:44:11
(4 weeks ago)
(smtpauth) Failed SMTP AUTH login from 45.128.199.55 (NL/The Netherlands/-): 5 in the last 3600 secs
Brute-Force
Anonymous
2024-09-11 00:40:41
(4 weeks ago)
Ports: 25,110,143,993,995; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-08-31 16:29:20
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 45.128.199.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 12:29:13.395805 2024] [security2:error] [pid 25785:tid 25785] [client 45.128.199.55:54969] [client 45.128.199.55] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||towlesilvapsychotherapy.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "towlesilvapsychotherapy.com"] [uri "/backups/wallet.dat"] [unique_id "ZtNE2bdjIKT18hzjtGYN1gAAAAE"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-20 03:22:27
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 45.128.199.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 19 23:22:22.521554 2024] [security2:error] [pid 26560:tid 26560] [client 45.128.199.55:16745] [client 45.128.199.55] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||boat-accessories.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "boat-accessories.net"] [uri "/www.sql"] [unique_id "ZsQL7hAldYfOqEi2P5bmxgAAAAI"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-28 11:41:41
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 45.128.199.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 28 07:41:36.351658 2024] [security2:error] [pid 1573:tid 1573] [client 45.128.199.55:33125] [client 45.128.199.55] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||russiacoin.info|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "russiacoin.info"] [uri "/restore/sql.sql"] [unique_id "ZqYucAV8SAp7xWcPR11kpQAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-07-18 04:47:52
(2 months ago)
Form spam
Web Spam
Linuxmalwarehuntingnl
2024-07-02 07:08:42
(3 months ago)
Unauthorized connection attempt
Brute-Force
10dencehispahard SL
2024-06-30 16:04:24
(3 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force