Anonymous
2024-08-18 21:35:06
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-08-10 23:13:50
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-06-12 16:06:32
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 54.37.7.201 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 54.37.7.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 12 12:06:25.496651 2024] [security2:error] [pid 14853] [client 54.37.7.201:48780] [client 54.37.7.201] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||luckypupdesigns.com|F|2"] [data ".austinloftydog.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "luckypupdesigns.com"] [uri "/www.austinloftydog.com"] [unique_id "ZmnHgT1edz1Vf9phtwH6pwAAABI"], referer: http://luckypupdesigns.com/stores.html show less
Brute-Force
Bad Web Bot
Web App Attack
Rizzy
2024-06-10 19:42:44
(3 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
clapper
2024-06-06 21:52:57
(3 months ago)
(mod_security) mod_security (id:980001) triggered by 54.37.7.201 (FR/France/-): 5 in the last 3600 s ... show more (mod_security) mod_security (id:980001) triggered by 54.37.7.201 (FR/France/-): 5 in the last 3600 secs; ID: rub show less
Brute-Force
Bad Web Bot
TPI-Abuse
2024-05-14 03:06:19
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 54.37.7.201 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 54.37.7.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 13 23:06:11.279486 2024] [security2:error] [pid 22734] [client 54.37.7.201:42906] [client 54.37.7.201] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.barbaraehill.com|F|2"] [data ".barbaraehill.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.barbaraehill.com"] [uri "/https:/www.barbaraehill.com"] [unique_id "ZkLVI1Yrx4MlQuaBxRzbhQAAAAA"], referer: https://www.barbaraehill.com/ show less
Brute-Force
Bad Web Bot
Web App Attack
Rizzy
2024-05-03 20:46:57
(4 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
TPI-Abuse
2024-03-29 06:21:42
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 54.37.7.201 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 54.37.7.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 29 02:21:37.448402 2024] [security2:error] [pid 3979322:tid 47366428743424] [client 54.37.7.201:56540] [client 54.37.7.201] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.nwnative.us|F|2"] [data ".medievaltimes.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nwnative.us"] [uri "/images/Dallas2010/pages/www.medievaltimes.com"] [unique_id "ZgZd8U0XFKwYMMcOxZxsSgAAAEI"], referer: http://www.nwnative.us/images/Dallas2010/pages/IMG_1034b.htm show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-03-18 12:48:08
(5 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-02-20 01:37:00
(6 months ago)
Blocked for Exceeded the maximum global requests per minute for crawlers or humans
20/02/2024 ... show more Blocked for Exceeded the maximum global requests per minute for crawlers or humans
20/02/2024 01:37:33 (8 hours 7 mins ago)
IP: 54.37.7.201 Hostname: 54.37.7.201
Human/Bot: Bot
Mozilla/5.0 (compatible; SeekportBot; +https://bot.seekport.com) show less
Hacking
Bad Web Bot
MAGIC
2024-02-15 07:08:04
(6 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
conseilgouz
2024-02-03 06:19:52
(7 months ago)
vew-Joomla User : try to access forms...
Hacking
weblite
2024-01-06 04:55:58
(8 months ago)
BAD_CRAWLER
Bad Web Bot
MAGIC
2023-12-22 16:11:11
(8 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Roderic
2023-12-18 22:13:58
(8 months ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 54.37.7.201 (FR/Fran ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 54.37.7.201 (FR/France/-) show less
Bad Web Bot