Study Bitcoin 🤗
2025-02-05 12:24:24
(2 days ago)
4 port probes: 4x tcp/8 (unassigned)
[srv127]
Port Scan
TPI-Abuse
2025-02-02 21:02:56
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 45.128.199.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 02 16:02:50.277744 2025] [security2:error] [pid 19574:tid 19574] [client 45.128.199.56:29721] [client 45.128.199.56] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mpaexchangeinc.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mpaexchangeinc.com"] [uri "/old/mysql.sql"] [unique_id "Z5_devwfsozLT6jpcWiP8QAAABg"]
Brute-Force
Bad Web Bot
Web App Attack
backslash
2025-01-30 07:50:12
(1 week ago)
block ruleset 1E8A9918B1655D0828F2EEF05553DD2681055C9A
Web Spam
Anonymous
2025-01-23 07:12:11
(2 weeks ago)
Action: Block, Reason: DDOS attack detected
DDoS Attack
diego
2025-01-22 04:14:35
(2 weeks ago)
Events: TCP SYN Discovery or Flooding, Seen 3 times in the last 10800 seconds
DDoS Attack
TPI-Abuse
2025-01-14 09:28:55
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 45.128.199.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 14 04:28:52.041199 2025] [security2:error] [pid 10450:tid 10450] [client 45.128.199.56:56899] [client 45.128.199.56] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mrepoch.art|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mrepoch.art"] [uri "/wallet.dat"] [unique_id "Z4YuVFnQbalAV5XjTAwqugAAAAM"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-09 01:36:21
(4 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Swiptly
2025-01-07 18:30:58
(1 month ago)
WordPress xmlrpc spam or enumeration
...
Web Spam
Bad Web Bot
Web App Attack
Anonymous
2025-01-06 09:50:05
(1 month ago)
| A web attack returned code 200 (success).
Hacking
SQL Injection
Web App Attack
TPI-Abuse
2025-01-04 19:08:52
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 45.128.199.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 04 14:08:45.238484 2025] [security2:error] [pid 5745:tid 5745] [client 45.128.199.56:40571] [client 45.128.199.56] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||phantomquailkennel.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "phantomquailkennel.com"] [uri "/restore/mysql.sql"] [unique_id "Z3mHPTBvmGzd2LMH3u1WsgAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-31 09:32:32
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 45.128.199.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 31 04:32:28.217137 2024] [security2:error] [pid 5777:tid 5777] [client 45.128.199.56:36985] [client 45.128.199.56] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ccbank.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ccbank.net"] [uri "/back/backup.sql"] [unique_id "Z3O6LAi2rEWkNFosiGk-3AAAAAA"]
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-12-25 21:38:52
(1 month ago)
Form spam
Web Spam
MAGIC
2024-12-25 19:05:36
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
RLDD
2024-12-25 04:07:05
(1 month ago)
WP probing -nov
Web App Attack
noxtec GmbH
2024-12-05 15:53:56
(2 months ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 45.128.199.56 (NL/The Netherlands/-)
Bad Web Bot