MAGIC
2024-10-14 08:08:00
(3 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-09-24 08:25:35
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 04:25:28.247780 2024] [security2:error] [pid 1795437:tid 1795437] [client 79.124.8.241:34294] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jazziientertainment.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jazziientertainment.com"] [uri "/config.bak"] [unique_id "ZvJ3eGfv28qm5gn2CISeDAAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-23 18:45:35
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 23 14:45:28.851199 2024] [security2:error] [pid 3283996:tid 3283996] [client 79.124.8.241:33044] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mehmetatay.com"] [uri "/.git/config"] [unique_id "ZvG3SCv4a-kZonbNjSuD_wAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
georgengelmann
2024-09-22 20:02:28
(1 month ago)
Failed login attempt for admin
Brute-Force
Web App Attack
packets-decreaser.net
2024-09-21 09:06:06
(1 month ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
TPI-Abuse
2024-09-17 01:04:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 16 21:04:27.851278 2024] [security2:error] [pid 7766:tid 7766] [client 79.124.8.241:33274] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "billymitchell.com"] [uri "/wp-config.phpa"] [unique_id "ZujVmxRRutEi9FUHCYdH5QAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
niceshops.com
2024-09-13 19:16:27
(1 month ago)
Web Attack ([13/Sep/2024:21:16:15 +0200] )
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-09-13 15:44:06
(1 month ago)
Form spam
Web Spam
TPI-Abuse
2024-09-12 22:05:39
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 12 18:05:31.903660 2024] [security2:error] [pid 2362:tid 2362] [client 79.124.8.241:33788] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "healingworksmassage.studio"] [uri "/wp-config.bak"] [unique_id "ZuNlqy-_RXm_b-lF7LlmbQAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-09-12 13:26:56
(1 month ago)
Form spam
Web Spam
ThreatBook.io
2024-09-07 22:03:55
(2 months ago)
ThreatBook Intelligence: Gateway more details on http://threatbook.io/ip/79.124.8.241
Web App Attack
TPI-Abuse
2024-09-05 21:54:40
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 05 17:54:32.402950 2024] [security2:error] [pid 6437:tid 6448] [client 79.124.8.241:58914] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "howlerrock.com"] [uri "/wp-config.phpc"] [unique_id "ZtoomGE6LSxCmBuazhb_awAAAMM"] show less
Brute-Force
Bad Web Bot
Web App Attack
iNetWorker
2024-09-04 16:12:30
(2 months ago)
trolling for resource vulnerabilities
Web App Attack
TPI-Abuse
2024-09-03 17:01:15
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 13:01:07.235809 2024] [security2:error] [pid 18430:tid 18430] [client 79.124.8.241:45038] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dpcfab.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dpcfab.com"] [uri "/ab.sql"] [unique_id "ZtdA01n2LArAgg371Gt5cQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-09-03 16:59:28
(2 months ago)
Form spam
Web Spam