LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.92.229.134 (US/United States/-): ... show moreLF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.92.229.134 (US/United States/-): 1 in the last 3600 secs show less
spam or other hacking activities reported by webbfabriken security servers
Attack reported by ... show morespam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbfabriken Security API - WFSecAPI show less
[MonJul0118:35:35.5063632024][security2:error][pid855860:tid23394097456704][client45.92.229.134:0][c ... show more[MonJul0118:35:35.5063632024][security2:error][pid855860:tid23394097456704][client45.92.229.134:0][client45.92.229.134]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:c\(\?:99\|100\)\|locus\|r57shell\|r57\)\\\\\\\\.\(\?:txt\|php\)\"atREQUEST_HEADERS:Referer.[file\"/etc/apache2/conf.d/modsec_rules/60_asl_recons.conf\"][line\"1503\"][id\"350030\"][rev\"1\"][msg\"Atomicorp.comWAFRules:WebShellSearchEngineReconattempt\"][severity\"CRITICAL\"][hostname\"www.orabonastudio.it\"][uri\"/500.shtml\"][unique_id\"ZoLa1w9D-iJGKEyra2tH9QAAAUw\"]\,referer:http://orabonastudio.it/c99.php[MonJul0118:35:50.5505602024][security2:error][pid855860:tid23394097456704][client45.92.229.134:0][client45.92.229.134]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:c\(\?:99\|100\)\|locus\|r57shell\|r57\)\\\\\\\\.\(\?:txt\|php\)\"atREQUEST_HEADERS:Referer.[file\"/etc/apache2/conf.d/modsec_rules/60_asl_recons.conf\"][line\"1503\"][id\"350030\"][rev\"1\"][msg\"Atomicorp.comWAFRules:WebShellSearchEngineReconat show less
(mod_security) mod_security (id:210492) triggered by 45.92.229.134 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 45.92.229.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 01 10:50:18.878705 2024] [security2:error] [pid 10014] [client 45.92.229.134:41805] [client 45.92.229.134] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "orthopaedicsurgical.com"] [uri "/.env"] [unique_id "ZoLCKnHogQ7oFRprVZCztQAAAAU"] show less
Brute-ForceBad Web BotWeb App Attack
Anonymous
Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096, ... show morePorts: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096,3306,2195; Direction: 0; Trigger: LF_CUSTOMTRIGGER show less