|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 16:45:21.975416 2025] [security2:error] [pid 16183:tid 16183] [client 64.137.93.203:49233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.deandobkin.com"] [uri "/.env.stage"] [unique_id "aNG1YYjEPw_0-E1G_SBofAAAABA"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 05 16:13:39.067386 2025] [security2:error] [pid 27716:tid 27716] [client 64.137.93.203:48535] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||nbcnewsradio.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nbcnewsradio.com"] [uri "/admin/error.log"] [unique_id "aJJl80FeazaOiybsIgCnuAAAAAQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 04:29:23.384332 2025] [security2:error] [pid 3331489:tid 3331592] [client 64.137.93.203:33041] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.kettlehill.kettlehill.com|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kettlehill.kettlehill.com"] [uri "/host.key"] [unique_id "aIx64zqSEPOvsBY_LS5p1AAAANQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
Alejandro Docasar
|
|
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 14:50:53.080719 2024] [security2:error] [pid 2192:tid 2192] [client 64.137.93.203:34061] [client 64.137.93.203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.stdavids-media.com"] [uri "/.env.cpcontacts"] [unique_id "Ztdajb_Y_NcuJY4cp8tikAAAAA8"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:221260) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:221260) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 21:56:54.926372 2024] [security2:error] [pid 3087666:tid 3087671] [client 64.137.93.203:49427] [client 64.137.93.203] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)||mail.kettlehill.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.net"] [uri "/cgi-bin/stats"] [unique_id "ZtPJ5jmHwNC8sxsTJsCG1QAAAQM"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
ps-center
|
|
SS1: Web Attack POST /adminer/index.php
|
Web Spam
Hacking
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Common attack or app scan event detected and blocked
|
Port Scan
Hacking
Web App Attack
|
|
|
๐ช๐ธ
10dencehispahard SL
|
|
Unauthorized login attempts [ accesslogs]
|
Brute-Force
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 27 03:08:36.613195 2024] [security2:error] [pid 31360:tid 47386388883200] [client 64.137.93.203:39501] [client 64.137.93.203] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.kettlehill.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.kettlehill.net"] [uri "/install/froxlor.sql"] [unique_id "Zn0P9FyO989uQdQJj5NWKwAAARU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Ports: 2077,2078,2082,2083,2086,2087,2095,2096; Direction: 0; Trigger: LF_DISTATTACK
|
Brute-Force
SSH
|
|
|
๐ช๐ธ
10dencehispahard SL
|
|
Unauthorized login attempts []
|
Brute-Force
|
|
|
๐ช๐ธ
10dencehispahard SL
|
|
Web Attack
|
DDoS Attack
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:212620) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.137.93.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 03 14:27:52.201603 2024] [security2:error] [pid 29462:tid 47125593331456] [client 64.137.93.203:50167] [client 64.137.93.203] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||ftp.kettlehill.net|F|2"] [data "Matched Data: <script found within REQUEST_URI: /?rsd=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "ftp.kettlehill.net"] [uri "/"] [unique_id "Zg2fqA2PRlJaII6-_kclwwAAAA0"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ช๐ธ
10dencehispahard SL
|
|
Unauthorized login attempts [ BI-16635]
|
Brute-Force
|
|