MAGIC
2024-09-13 13:00:40
(4 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-08-15 11:32:21
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 45.8.17.146 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.8.17.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 15 07:32:14.946546 2024] [security2:error] [pid 14838:tid 14838] [client 45.8.17.146:58411] [client 45.8.17.146] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bitcoincasting.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoincasting.com"] [uri "/old/dump.sql"] [unique_id "Zr3nPl4ZxEA-TS8lDe_ooAAAAB8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TZNOC
2024-08-15 08:40:09
(1 month ago)
Brute Force Attack on a Web Resources (probe) #1
DDoS Attack
Web Spam
Brute-Force
Web App Attack
TPI-Abuse
2024-08-04 05:29:14
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 45.8.17.146 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.8.17.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 01:29:07.867549 2024] [security2:error] [pid 1608:tid 1608] [client 45.8.17.146:36275] [client 45.8.17.146] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||otrantocapital.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "otrantocapital.com"] [uri "/backups/www.sql"] [unique_id "Zq8Ro3FrRNiem3irhGWMKwAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-07-09 04:25:21
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MAGIC
2024-07-09 04:00:29
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
10dencehispahard SL
2024-07-03 03:02:59
(2 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
Anonymous
2024-06-18 04:24:24
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
Brute-Force
SSH
SSH
Anonymous
2024-06-08 18:54:58
(3 months ago)
Viewstate Trap
Web Spam
TPI-Abuse
2024-05-24 12:18:21
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 45.8.17.146 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.8.17.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 24 08:18:12.572886 2024] [security2:error] [pid 21883:tid 47622222849792] [client 45.8.17.146:41265] [client 45.8.17.146] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||peapage.productions|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "peapage.productions"] [uri "/back/wallet.dat"] [unique_id "ZlCFhKiqXAE5YQGcdOINIwAAAQo"] show less
Brute-Force
Bad Web Bot
Web App Attack
hbrks
2024-05-23 04:49:16
(3 months ago)
HEAD http://epay.world/site_name_com.sql * statusCode: 503 *
Web Spam
Hacking
Bad Web Bot
TPI-Abuse
2024-05-21 00:26:18
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 45.8.17.146 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.8.17.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 20 20:26:13.186373 2024] [security2:error] [pid 31256] [client 45.8.17.146:8761] [client 45.8.17.146] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||brazilianbikinis.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "brazilianbikinis.com"] [uri "/back/mysql.sql"] [unique_id "ZkvqJR_m3mIkQBDu8MWvBAAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-05-20 13:03:28
(3 months ago)
Scanning/Probing (23)
Request Overload (518)
Brute-Force
Web App Attack
10dencehispahard SL
2024-05-20 08:00:06
(3 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
TPI-Abuse
2024-04-14 22:40:37
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 45.8.17.146 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.8.17.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 14 18:40:29.045997 2024] [security2:error] [pid 25373] [client 45.8.17.146:44185] [client 45.8.17.146] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bitcoinbtcshop.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinbtcshop.com"] [uri "/backup.sql"] [unique_id "ZhxbXb4y24Q4iNGcIOd2FAAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack