Anonymous
2024-07-07 06:02:15
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-06-15 01:25:07
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-06-12 05:21:06
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-15 04:52:15
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ซ๐ท
oonux.net
2024-03-25 14:43:13
(2 years ago)
RouterOS: The host 62.197.155.35 trying to use anonymous proxy
Hacking
Bad Web Bot
Exploited Host
๐บ๐ธ
RLDD
2024-03-24 01:26:23
(2 years ago)
WP login attempts -dyn
Brute-Force
๐ฟ๐ฆ
maximonline.co.za
2024-01-17 15:02:04
(2 years ago)
Brute Force IMAP AUTH Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2024-01-12 20:04:11
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 62.197.155.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 62.197.155.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 12 15:04:06.147495 2024] [security2:error] [pid 24936] [client 62.197.155.35:58900] [client 62.197.155.35] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||buenasfrecuencias.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "buenasfrecuencias.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZaGbNol7onTUCLFsunAsOgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2024-01-12 15:15:24
(2 years ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ฌ๐ง
mangomad
2024-01-12 10:22:13
(2 years ago)
Repeated Apache mod_security rule triggers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-01-12 07:46:41
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 62.197.155.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 62.197.155.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 12 02:46:36.742004 2024] [security2:error] [pid 6622] [client 62.197.155.35:34656] [client 62.197.155.35] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.butkiewiczfamilyfarm.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.butkiewiczfamilyfarm.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZaDuXI1Q7Gkoe3hCrZblmwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-01-12 07:05:38
(2 years ago)
Fail2Ban apache-noscript
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2024-01-12 04:42:25
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 62.197.155.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 62.197.155.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 11 23:42:19.675699 2024] [security2:error] [pid 13319:tid 47763889104640] [client 62.197.155.35:38954] [client 62.197.155.35] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.idealcentralvac.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.idealcentralvac.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZaDDKxfJLav6ApsDEKyJ6wAAAQw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2024-01-12 04:04:34
(2 years ago)
Too many Status 40X (15)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2023-11-30 05:35:30
(2 years ago)
(mod_security) mod_security (id:225170) triggered by 62.197.155.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 62.197.155.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 30 00:35:23.646307 2023] [security2:error] [pid 6830] [client 62.197.155.35:44182] [client 62.197.155.35] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||menagri.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "menagri.com"] [uri "/shop/wp-json/wp/v2/users/"] [unique_id "ZWgfG21X9oJOO3ftW2boqAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack