Anonymous
2024-12-13 00:50:21
(1 month ago)
wordpress-trap
Web App Attack
Mediashaker
2024-12-11 01:31:12
(1 month ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 46.250.238.224 (SG/Singa ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 46.250.238.224 (SG/Singapore/vmi1888192.contaboserver.net) show less
Port Scan
cmbplf
2024-12-10 19:23:34
(1 month ago)
385 requests to */.well-known/pki-validation/*.php
364 requests to */.well-known/acme-challe ... show more 385 requests to */.well-known/pki-validation/*.php
364 requests to */.well-known/acme-challenge/*.php show less
Brute-Force
Bad Web Bot
Burayot
2024-12-10 19:11:04
(1 month ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 46.250.238.224 (SG/Singapore/vmi188 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 46.250.238.224 (SG/Singapore/vmi1888192.contaboserver.net): 1 in the last 3600 secs show less
Web App Attack
Anonymous
2024-12-08 15:52:22
(1 month ago)
Fail2Ban apache-noscript
Bad Web Bot
VHosting
2024-12-08 11:46:20
(1 month ago)
Attempt from 46.250.238.224, reason: OverConnLimit
DDoS Attack
Bad Web Bot
Anonymous
2024-12-08 10:22:49
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-12-04 14:49:57
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 09:49:51.194289 2024] [security2:error] [pid 20806:tid 20806] [client 46.250.238.224:49995] [client 46.250.238.224] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||isyourcompanysafe.com|F|2"] [data ".inc.php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "isyourcompanysafe.com"] [uri "/include/lib.inc.php.bak"] [unique_id "Z1BsDyZqKfZFYh-Yg7yYjgAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-04 14:17:04
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 09:17:01.496581 2024] [security2:error] [pid 32291:tid 32291] [client 46.250.238.224:49288] [client 46.250.238.224] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||investigativeprofessionals.com|F|2"] [data ".inc.php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "investigativeprofessionals.com"] [uri "/include/lib.inc.php.bak"] [unique_id "Z1BkXUC6t7JD07VHe_hqxwAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-04 08:25:34
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 03:25:26.644954 2024] [security2:error] [pid 9096:tid 9096] [client 46.250.238.224:65122] [client 46.250.238.224] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||habakkukent.com|F|2"] [data ".inc.php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "habakkukent.com"] [uri "/include/lib.inc.php.bak"] [unique_id "Z1AR9txCXac34l7JpQdqdgAAACM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-04 05:01:57
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 00:01:51.003816 2024] [security2:error] [pid 369:tid 369] [client 46.250.238.224:59532] [client 46.250.238.224] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||garrettkirkland.com|F|2"] [data ".inc.php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "garrettkirkland.com"] [uri "/include/lib.inc.php.bak"] [unique_id "Z0_iP_RN2HJRlmpgI330VQAAABU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-03 16:17:06
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 03 11:17:01.135527 2024] [security2:error] [pid 17282:tid 17282] [client 46.250.238.224:60153] [client 46.250.238.224] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||cyber507.net|F|2"] [data ".inc.php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cyber507.net"] [uri "/include/lib.inc.php.bak"] [unique_id "Z08u_WiY0qwZVsJORYtP1AAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
Rizzy
2024-12-03 14:23:52
(1 month ago)
Multiple WAF Violations
Brute-Force
Web App Attack
TPI-Abuse
2024-12-03 09:07:22
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 03 04:07:14.779479 2024] [security2:error] [pid 7465:tid 7465] [client 46.250.238.224:52509] [client 46.250.238.224] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||californiarhythmproject.org|F|2"] [data ".inc.php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "californiarhythmproject.org"] [uri "/include/lib.inc.php.bak"] [unique_id "Z07KQprZwtPEWC-EEo_7wwAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-03 05:21:25
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 46.250.238.224 (vmi1888192.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 03 00:21:19.713530 2024] [security2:error] [pid 9318:tid 9318] [client 46.250.238.224:58868] [client 46.250.238.224] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||birthanempire.com|F|2"] [data ".inc.php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "birthanempire.com"] [uri "/include/lib.inc.php.bak"] [unique_id "Z06VT3T1JiSsp3KON9lbNQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack