๐ฎ๐น
LTM
2025-10-09 06:20:02
(9 months ago)
WebServer - Attempts to exploit
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
Penny Packer
2025-09-16 15:27:16
(9 months ago)
Fail2Ban apache-tripwires
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-15 15:20:55
(11 months ago)
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 15 11:20:47.222442 2025] [security2:error] [pid 22406:tid 22406] [client 45.130.136.17:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kryptonome.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kryptonome.com"] [uri "/restore/www.sql"] [unique_id "aJ9QT0YzgEPartw0QBVZHAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-15 05:45:24
(11 months ago)
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 15 01:45:16.640573 2025] [security2:error] [pid 20909:tid 20909] [client 45.130.136.17:20177] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||oliverhardy.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "oliverhardy.com"] [uri "/restore/www.sql"] [unique_id "aJ7JbK6Fw7YEp35_GTH_OAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Penny Packer
2025-08-15 05:13:41
(11 months ago)
Fail2Ban apache-tripwires
Web App Attack
๐บ๐ธ
Penny Packer
2025-07-26 19:02:37
(11 months ago)
Fail2Ban apache-tripwires
Web App Attack
๐ฉ๐ช
bescared
2025-06-27 10:14:43
(1 year ago)
F2B - Malicious activity detected. URL Probing.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-27 05:39:21
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 27 01:39:18.351172 2025] [security2:error] [pid 2309418:tid 2309418] [client 45.130.136.17:46839] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crypto-stamps.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "crypto-stamps.com"] [uri "/backups/backup.sql"] [unique_id "aF4uhpRhkTO7SBYvxa0ZqgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-27 05:18:45
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 27 01:18:38.263872 2025] [security2:error] [pid 2388792:tid 2388792] [client 45.130.136.17:37247] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.mindtoken.app|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.mindtoken.app"] [uri "/restore/dump.sql"] [unique_id "aF4prrOuWiRtz6AJ1Zr9pwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-24 13:45:15
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 24 09:45:12.313002 2025] [security2:error] [pid 1908192:tid 1908192] [client 45.130.136.17:4769] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ezsmiledental.com"] [uri "/old/sftp-config.json"] [unique_id "aFqr6ERiTPe0t_zeFvKVmwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-19 21:00:20
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 19 17:00:17.374169 2025] [security2:error] [pid 1248482:tid 1248572] [client 45.130.136.17:8891] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.fishrapper.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fishrapper.com"] [uri "/sql.sql"] [unique_id "aFR6YbYqtUih9HXUDW2QogAAAdA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-19 20:35:38
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 19 16:35:33.786580 2025] [security2:error] [pid 1241593:tid 1241593] [client 45.130.136.17:23655] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.spectorworld.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.spectorworld.com"] [uri "/old/backup.sql"] [unique_id "aFR0laslZw9RM4guyTSTGgAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-19 05:24:44
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 19 01:24:38.259841 2025] [security2:error] [pid 1161024:tid 1161024] [client 45.130.136.17:30383] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||casinoaffiliateprogramsonline.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "casinoaffiliateprogramsonline.com"] [uri "/back/mysql.sql"] [unique_id "aFOfFlRcyGW6KSTlSsElOgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-18 17:29:39
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 18 13:29:33.490301 2025] [security2:error] [pid 3349002:tid 3349002] [client 45.130.136.17:29289] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thebullmemecoin.com"] [uri "/sftp-config.json"] [unique_id "aFL3fYWsPuA0b3ZFJA9auQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-16 04:45:54
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 45.130.136.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 16 00:45:47.711966 2025] [security2:error] [pid 1059438:tid 1059438] [client 45.130.136.17:60305] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||fishpondmanagement.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "fishpondmanagement.com"] [uri "/restore/mysql.sql"] [unique_id "aE-he6z-q3URDSHsLwmAxAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack