|
๐ซ๐ท
mgarofano80
|
|
|
Brute-Force
Web App Attack
|
|
|
๐ซ๐ฎ
xyz.rip
|
|
WAF Violation...
|
Hacking
Web App Attack
|
|
|
๐ฆ๐บ
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
|
๐บ๐ธ
lavnet.net
|
|
[Mon Aug 19 20:35:59.072387 2024] [authz_core:error] [pid 177719:tid 177719] [client 50.21.188.59:39 ...
show more
[Mon Aug 19 20:35:59.072387 2024] [authz_core:error] [pid 177719:tid 177719] [client 50.21.188.59:39697] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Mon Aug 19 20:35:59.072585 2024] [authz_core:error] [pid 177719:tid 177719] [client 50.21.188.59:39697] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Mon Aug 19 20:36:00.284572 2024] [authz_core:error] [pid 177719:tid 177719] [client 50.21.188.59:39697] AH01630: client denied by server configuration: /var/www/a0a0.org/web/wp-cron.php
...
show less
|
Brute-Force
|
|
|
Anonymous
|
|
Ignoring robots.txt
|
Bad Web Bot
|
|
|
๐บ๐ธ
lavnet.net
|
|
[Mon Jul 29 19:07:43.707055 2024] [authz_core:error] [pid 3386505:tid 3386505] [client 50.21.188.59: ...
show more
[Mon Jul 29 19:07:43.707055 2024] [authz_core:error] [pid 3386505:tid 3386505] [client 50.21.188.59:54657] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Mon Jul 29 19:07:43.707339 2024] [authz_core:error] [pid 3386505:tid 3386505] [client 50.21.188.59:54657] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Mon Jul 29 19:07:44.842641 2024] [authz_core:error] [pid 3386505:tid 3386505] [client 50.21.188.59:54657] AH01630: client denied by server configuration: /var/www/a0a0.org/web/wp-cron.php
...
show less
|
Brute-Force
|
|
|
๐บ๐ธ
deskpass.com
|
|
GET /wp-cron.php
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 50.21.188.59 (crawllxa114.1and1.org): 1 in the ...
show more
(mod_security) mod_security (id:210730) triggered by 50.21.188.59 (crawllxa114.1and1.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 11 08:43:51.136276 2024] [security2:error] [pid 21871] [client 50.21.188.59:39887] [client 50.21.188.59] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||elsmithpest.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "elsmithpest.com"] [uri "/[email protected]"] [unique_id "ZmhGh1ZI148CrfGTW5rdrgAAAAg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 50.21.188.59 (crawllxa114.1and1.org): 1 in the ...
show more
(mod_security) mod_security (id:210730) triggered by 50.21.188.59 (crawllxa114.1and1.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 10 12:28:06.084395 2024] [security2:error] [pid 8949] [client 50.21.188.59:42453] [client 50.21.188.59] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.nccb.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nccb.org"] [uri "/theunion.com"] [unique_id "Zmcpllw4NfX2Lpt6h_PqjAAAAAo"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 50.21.188.59 (crawllxa114.1and1.org): 1 in the ...
show more
(mod_security) mod_security (id:210730) triggered by 50.21.188.59 (crawllxa114.1and1.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 07 13:36:28.810724 2024] [security2:error] [pid 2457] [client 50.21.188.59:36079] [client 50.21.188.59] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.dalessalesandservice.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.dalessalesandservice.com"] [uri "/[email protected]"] [unique_id "ZmNFHCU8heavpaQnGsIxHwAAABk"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
lavnet.net
|
|
[Tue Apr 30 03:14:27.520474 2024] [authz_core:error] [pid 12616] [client 50.21.188.59:35841] AH01630 ...
show more
[Tue Apr 30 03:14:27.520474 2024] [authz_core:error] [pid 12616] [client 50.21.188.59:35841] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Tue Apr 30 03:14:27.521815 2024] [authz_core:error] [pid 12616] [client 50.21.188.59:35841] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Tue Apr 30 03:14:28.775588 2024] [authz_core:error] [pid 12616] [client 50.21.188.59:35841] AH01630: client denied by server configuration: /var/www/a0a0.org/web/wp-cron.php
...
show less
|
Brute-Force
|
|
|
๐ฆ๐บ
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 50.21.188.59 (crawllxa114.1and1.org): 1 in the ...
show more
(mod_security) mod_security (id:210730) triggered by 50.21.188.59 (crawllxa114.1and1.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 12 03:21:22.621390 2024] [security2:error] [pid 30910] [client 50.21.188.59:37949] [client 50.21.188.59] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||nccb.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nccb.org"] [uri "/theunion.com"] [unique_id "ZfACcvmyj1KfA5k7cVeAlQAAAAE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
lavnet.net
|
|
[Thu Mar 07 01:45:55.841457 2024] [authz_core:error] [pid 2292873] [client 50.21.188.59:46027] AH016 ...
show more
[Thu Mar 07 01:45:55.841457 2024] [authz_core:error] [pid 2292873] [client 50.21.188.59:46027] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Thu Mar 07 01:45:55.841606 2024] [authz_core:error] [pid 2292873] [client 50.21.188.59:46027] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Thu Mar 07 01:45:58.618795 2024] [authz_core:error] [pid 2292873] [client 50.21.188.59:46027] AH01630: client denied by server configuration: /var/www/a0a0.org/web/wp-cron.php
...
show less
|
Brute-Force
|
|
|
๐บ๐ธ
findlab
|
|
Backdrop CMS module - scanning for vulnerable files
|
Bad Web Bot
Web App Attack
|
|