TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.86.202.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 27 06:06:02.762837 2024] [security2:error] [pid 31995:tid 31995] [client 45.86.202.151:32945] [client 45.86.202.151] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||intercotrading.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "intercotrading.com"] [uri "/bak/sql.sql"] [unique_id "ZvaDihZ1Bmjo1pOj1ZlmIwAAAAU"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.86.202.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 26 17:24:15.820157 2024] [security2:error] [pid 7714:tid 7714] [client 45.86.202.151:52359] [client 45.86.202.151] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||casinoaffiliateprogramsonline.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "casinoaffiliateprogramsonline.com"] [uri "/old/wallet.dat"] [unique_id "ZvXQ_wB6RspQcwvDnavUpgAAAAM"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Thaliruth
|
|
45.86.202.151 - - [14/Sep/2024:20:27:00 +0200] "HEAD /back/archive.zip HTTP/1.1" 301 0 "-" "-"
reiter-von-rohan.com:443 45.86.202.151 - - [14/Sep/2024:20:27:00 +0200] "HEAD /back/archive.zip HTTP/1.0" 404 930 "-" "-"
45.86.202.151 - - [14/Sep/2024:20:27:00 +0200] "HEAD /back/archive.zip HTTP/1.0" 404 930 "-" "-"
|
Hacking
Web App Attack
|
|
rtbh.com.tr
|
|
list.rtbh.com.tr report: tcp/0
|
Brute-Force
|
|
rtbh.com.tr
|
|
list.rtbh.com.tr report: tcp/0
|
Brute-Force
|
|
_ArminS_
|
|
SP-Scan 47310:5038 detected 2024.09.08 09:19:33
blocked until 2024.10.28 01:22:20
|
Port Scan
|
|
marzzzello
|
|
Ports: 2x 5038
|
Port Scan
|
|
bescared
|
|
Malicious activity detected. Port scan (5038/TCP).
|
Port Scan
|
|
ghostwarriors
|
|
Attempts against non-existent wp-login
|
Brute-Force
Web App Attack
|
|
wuemeli.com
|
|
2024-09-07T16:11:33.366096+02:00 api kernel: [56897.793536] [UFW BLOCK] IN=eth0 OUT= MAC=bc:24:11:a1:cc:c1:bc:24:11:e0:c3:6b:08:00 SRC=45.86.202.151 DST=37.221.95.157 LEN=52 TOS=0x02 PREC=0x00 TTL=115 ID=29928 DF PROTO=TCP SPT=27544 DPT=5038 WINDOW=8192 RES=0x00 CWR ECE SYN URGP=0
|
Port Scan
|
|
KPS
|
|
PortscanM
|
Port Scan
|
|
invalidLuca
|
|
[UFW] Unauthorized connection attempt from 45.86.202.151
|
Port Scan
|
|
iNetWorker
|
|
trying to access non-authorized port
|
Port Scan
|
|
Admins@FBN
|
|
FW-PortScan: Traffic Blocked srcport=26448 dstport=5038
|
Port Scan
|
|
Admins@FBN
|
|
FW-PortScan: Traffic Blocked srcport=40370 dstport=5038
|
Port Scan
|
|