Teniente Dan
2024-09-12 02:43:16
(4 weeks ago)
GET="/wp-cron.php" user-agent="IonCrawl (https://www.ionos.de/terms-gtc/faq-crawler-en/)"
Web App Attack
strefapi_com
2024-07-19 21:12:18
(2 months ago)
Brute-force web
...
Hacking
Brute-Force
Web App Attack
Anonymous
2024-07-08 08:58:37
(3 months ago)
Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096, ... show more Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096,3306,2195; Direction: 0; Trigger: LF_CUSTOMTRIGGER show less
Brute-Force
SSH
Anonymous
2024-06-21 04:45:06
(3 months ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Bad Web Bot
Web App Attack
Web App Attack
TPI-Abuse
2024-06-21 00:24:34
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 74.208.2.173 (crawlga100.1and1.org): 1 in the l ... show more (mod_security) mod_security (id:210730) triggered by 74.208.2.173 (crawlga100.1and1.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 20 20:24:29.962430 2024] [security2:error] [pid 23701] [client 74.208.2.173:43327] [client 74.208.2.173] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kulacenterky.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kulacenterky.com"] [uri "/category/schedule/[email protected] "] [unique_id "ZnTIPRT001OCNMMGZlk8UQAAAA4"] show less
Brute-Force
Brute-Force
Bad Web Bot
Bad Web Bot
Web App Attack
Web App Attack
Anonymous
2024-06-17 01:19:38
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
Brute-Force
SSH
SSH
TPI-Abuse
2024-06-13 15:32:28
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 74.208.2.173 (crawlga100.1and1.org): 1 in the l ... show more (mod_security) mod_security (id:210730) triggered by 74.208.2.173 (crawlga100.1and1.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 13 11:32:24.667790 2024] [security2:error] [pid 6572] [client 74.208.2.173:49699] [client 74.208.2.173] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.baliaccommodationpadangpadang.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.baliaccommodationpadangpadang.com"] [uri "/[email protected] "] [unique_id "ZmsRCHvgXblUk8T34GzGrwAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-05-03 15:31:00
(5 months ago)
Scanning WP websites for exploits.
Web App Attack
TPI-Abuse
2024-03-05 07:37:43
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 74.208.2.173 (crawlga100.1and1.org): 1 in the l ... show more (mod_security) mod_security (id:210730) triggered by 74.208.2.173 (crawlga100.1and1.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 05 02:37:38.221510 2024] [security2:error] [pid 32346] [client 74.208.2.173:35029] [client 74.208.2.173] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||brickyardinn.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "brickyardinn.com"] [uri "/mail to: [email protected] "] [unique_id "ZebLwo8hCNVfWjpv8lJUfQAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2023-11-26 13:38:40
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 74.208.2.173 (crawlga100.1and1.org): 1 in the l ... show more (mod_security) mod_security (id:210730) triggered by 74.208.2.173 (crawlga100.1and1.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 26 08:38:37.245163 2023] [security2:error] [pid 1327428] [client 74.208.2.173:35287] [client 74.208.2.173] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.kingstoneproperties.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kingstoneproperties.com"] [uri "/[email protected] "] [unique_id "ZWNKXd9FyHX4rx5mRWL8ngAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TheMadBeaker
2023-11-21 09:31:59
(10 months ago)
Fail2Ban Ban Triggered
Wordpress Attack Attempt
Brute-Force
Web App Attack
lavnet.net
2023-11-13 20:47:07
(10 months ago)
[Mon Nov 13 20:47:06.669619 2023] [authz_core:error] [pid 572318] [client 74.208.2.173:33259] AH0163 ... show more [Mon Nov 13 20:47:06.669619 2023] [authz_core:error] [pid 572318] [client 74.208.2.173:33259] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Mon Nov 13 20:47:06.670041 2023] [authz_core:error] [pid 572318] [client 74.208.2.173:33259] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Mon Nov 13 20:47:07.788377 2023] [authz_core:error] [pid 572318] [client 74.208.2.173:33259] AH01630: client denied by server configuration: /var/www/a0a0.org/web/wp-cron.php
... show less
Brute-Force
Staging
2023-09-21 14:00:30
(1 year ago)
/wp-cron.php
DDoS Attack
Hacking
SQL Injection
Brute-Force
Web App Attack
adalbertoreyes.org
2023-09-18 16:39:11
(1 year ago)
CategoryPortScan
Port Scan
lavnet.net
2023-08-30 00:57:05
(1 year ago)
[Wed Aug 30 00:57:04.164985 2023] [authz_core:error] [pid 2189084] [client 74.208.2.173:36083] AH016 ... show more [Wed Aug 30 00:57:04.164985 2023] [authz_core:error] [pid 2189084] [client 74.208.2.173:36083] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Wed Aug 30 00:57:04.165183 2023] [authz_core:error] [pid 2189084] [client 74.208.2.173:36083] AH01630: client denied by server configuration: /var/www/a0a0.org/web/index.php
[Wed Aug 30 00:57:05.423825 2023] [authz_core:error] [pid 2189084] [client 74.208.2.173:36083] AH01630: client denied by server configuration: /var/www/a0a0.org/web/wp-cron.php
... show less
Brute-Force