TPI-Abuse
2024-09-26 09:37:58
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 45.13.191.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.13.191.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 26 05:37:53.804175 2024] [security2:error] [pid 32525:tid 32525] [client 45.13.191.104:16017] [client 45.13.191.104] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pcga.golf|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pcga.golf"] [uri "/backups/mysql.sql"] [unique_id "ZvUrcQ7E-mOhI8CJfEo1EgAAABo"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-09-18 20:08:05
(2 weeks ago)
Viewstate Trap
Web Spam
TPI-Abuse
2024-09-18 18:11:01
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 45.13.191.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.13.191.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 18 14:10:53.522454 2024] [security2:error] [pid 575255:tid 575277] [client 45.13.191.104:49639] [client 45.13.191.104] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||liquido.cocoonprojects.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "liquido.cocoonprojects.com"] [uri "/backup/dump.sql"] [unique_id "ZusXrQedL0pmUIJ-_BgfTgAAAIA"] show less
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-09-16 15:25:36
(2 weeks ago)
Form spam
Web Spam
CrystalMaker
2024-09-16 08:14:28
(2 weeks ago)
Vulnerability scan - GET /forum/crystalmaker_discuss/
Hacking
TPI-Abuse
2024-09-10 11:04:15
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 45.13.191.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.13.191.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 07:04:11.643814 2024] [security2:error] [pid 8051:tid 8051] [client 45.13.191.104:30191] [client 45.13.191.104] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.crypto-stamps.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.crypto-stamps.com"] [uri "/dump.sql"] [unique_id "ZuAnq5LMjLvKCb3NJxiv9QAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-08-28 21:00:15
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
RLDD
2024-08-19 07:47:13
(1 month ago)
WP login attempts -nov
Brute-Force
oncord
2024-08-18 22:59:22
(1 month ago)
Form spam
Web Spam
MAGIC
2024-08-18 07:02:46
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
MAGIC
2024-08-18 04:03:13
(1 month ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
oncord
2024-08-04 20:10:43
(2 months ago)
Form spam
Web Spam
Anonymous
2024-07-27 19:25:16
(2 months ago)
Small botnet with 400-1000 ip addresses calling HEAD / for no reason
Bad Web Bot
MAGIC
2024-07-27 16:03:18
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-07-21 01:53:13
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 45.13.191.104 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.13.191.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 20 21:53:09.002306 2024] [security2:error] [pid 29165:tid 29165] [client 45.13.191.104:64107] [client 45.13.191.104] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||teenybikinigirls.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "teenybikinigirls.com"] [uri "/back/sql.sql"] [unique_id "ZpxqBNt5h22zJhlwOVFjmwAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack