Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.130.202.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 14:36:06.360497 2024] [security2:error] [pid 6994:tid 6994] [client 45.130.202.46:42911] [client 45.130.202.46] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crypto-stamps.com"] [uri "/bak/sftp-config.json"] [unique_id "ZzZRJkkTzVek0YR8wZaDcwAAAAw"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.130.202.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 03:24:14.365276 2024] [security2:error] [pid 29820:tid 29820] [client 45.130.202.46:57163] [client 45.130.202.46] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bitcointoolshop.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcointoolshop.com"] [uri "/backup/sql.sql"] [unique_id "ZzG_LsJePx-bGDFoj0etDwAAAAI"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.130.202.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 29 19:53:38.554647 2024] [security2:error] [pid 12950:tid 12953] [client 45.130.202.46:13817] [client 45.130.202.46] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magazineofwallstreet.com"] [uri "/back/sftp-config.json"] [unique_id "ZyF1gkm7kRG4PM0JU2XZnQAAAQA"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.130.202.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 24 20:27:36.954522 2024] [security2:error] [pid 24910:tid 24910] [client 45.130.202.46:21833] [client 45.130.202.46] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ciptaconindotara.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ciptaconindotara.com"] [uri "/sql.sql"] [unique_id "Zxrl-E9GFpuECcN3KIbItgAAABY"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.130.202.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 11 23:05:54.002889 2024] [security2:error] [pid 15620:tid 15620] [client 45.130.202.46:52197] [client 45.130.202.46] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||cryptoedge.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cryptoedge.net"] [uri "/backup/mysql.sql"] [unique_id "ZuJakhNzxUs-fyXH1F9bRgAAABo"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Account archive download attempts
|
Hacking
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.130.202.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 02:20:30.499451 2024] [security2:error] [pid 26659:tid 26749] [client 45.130.202.46:18805] [client 45.130.202.46] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bluetigertees.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bluetigertees.com"] [uri "/restore/www.sql"] [unique_id "ZrW1LrM7eAzbIHb6Y_nZIQAAAxg"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
hbrks
|
|
HEAD http://marche-be.com/old/bak.gz
|
Web Spam
Hacking
Bad Web Bot
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.130.202.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 19 14:24:06.046909 2024] [security2:error] [pid 4331] [client 45.130.202.46:40503] [client 45.130.202.46] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||csgohub.gg|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "csgohub.gg"] [uri "/mysql.sql"] [unique_id "ZnMiRrG_ghl5_qtBaOGOEQAAAAA"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.130.202.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 14 09:30:20.808887 2024] [security2:error] [pid 27185] [client 45.130.202.46:61215] [client 45.130.202.46] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||swhowell.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "swhowell.com"] [uri "/restore/wallet.dat"] [unique_id "ZmxF7FLO3QGV7aaAuNif0QAAAA8"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
hbrks
|
|
HEAD http://p4u.xyz/backup/backup.tar
|
Web Spam
Hacking
Bad Web Bot
|
|
unifr
|
|
Unauthorized IMAP connection attempt
|
Brute-Force
|
|
oncord
|
|
Form spam
|
Web Spam
|
|