MAGIC
2024-11-30 16:03:16
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-11-28 11:36:07
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 28 06:36:03.130851 2024] [security2:error] [pid 8741:tid 8741] [client 80.76.51.210:54804] [client 80.76.51.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||salinabible.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "salinabible.org"] [uri "/\\\\example.com"] [unique_id "Z0hVo8iBmW0hRyPQGId6UAAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-28 05:25:05
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 28 00:24:56.074288 2024] [security2:error] [pid 4133320:tid 4133320] [client 80.76.51.210:55306] [client 80.76.51.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||toepferlab.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "toepferlab.org"] [uri "/\\\\example.com"] [unique_id "Z0f-qD0z5aEloEW65rrHxgAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-27 21:15:59
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 27 16:15:52.166986 2024] [security2:error] [pid 1711288:tid 1711288] [client 80.76.51.210:37400] [client 80.76.51.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dentsville398.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dentsville398.org"] [uri "/https:\\n\\rexample.com"] [unique_id "Z0eMCMrH0Oktq9QNX_AY5AAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-26 11:46:00
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 06:45:56.832739 2024] [security2:error] [pid 8500:tid 8500] [client 80.76.51.210:57336] [client 80.76.51.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||periodpiano.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "periodpiano.org"] [uri "/\\\\example.com"] [unique_id "Z0W09IPnGeJFT33LTnrMVwAAACQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-25 16:14:03
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 11:13:57.101945 2024] [security2:error] [pid 1578:tid 1578] [client 80.76.51.210:43562] [client 80.76.51.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||newlifeworshipcentre-gc.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "newlifeworshipcentre-gc.org"] [uri "/https:\\n\\rexample.com"] [unique_id "Z0SiRahCGiHljKn--Sr-CgAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-23 20:50:59
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 23 15:50:55.592310 2024] [security2:error] [pid 49587:tid 49587] [client 80.76.51.210:52372] [client 80.76.51.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||tijuanabible.org|F|2"] [data ".example.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tijuanabible.org"] [uri "/.example.com"] [unique_id "Z0JALzBVIjESQ2JNNGslfwAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-23 12:16:46
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 23 07:16:41.775912 2024] [security2:error] [pid 27038:tid 27038] [client 80.76.51.210:47702] [client 80.76.51.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ptfea.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ptfea.org"] [uri "/https:\\n\\rexample.com"] [unique_id "Z0HHqSROSmIA26-7AiNZUAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-22 16:36:23
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 22 11:36:19.643109 2024] [security2:error] [pid 7902:tid 7902] [client 80.76.51.210:37460] [client 80.76.51.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||gbcwoodbine.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "gbcwoodbine.org"] [uri "/\\\\example.com"] [unique_id "Z0CzA4bZHhBeN4RZnXaZJgAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-22 15:49:59
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 22 10:49:51.751611 2024] [security2:error] [pid 845:tid 845] [client 80.76.51.210:55010] [client 80.76.51.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bhhg.org|F|2"] [data ".example.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bhhg.org"] [uri "/.example.com"] [unique_id "Z0CoH94hR7aqLZcS5_ecbQAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
w-e-c-l-o-u-d-i-t
2024-11-22 07:49:52
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (BR/Brazil/-): 1 in the last 600 s ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (BR/Brazil/-): 1 in the last 600 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC show less
Brute-Force
SSH
Anonymous
2024-11-21 23:17:59
(2 weeks ago)
80.76.51.210 - - [21/Nov/2024:23:17:58 +0000] "GET /.example.com HTTP/1.1" 404 11 "-" "Mozilla/5.0 ( ... show more 80.76.51.210 - - [21/Nov/2024:23:17:58 +0000] "GET /.example.com HTTP/1.1" 404 11 "-" "Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36"
... show less
Hacking
Web App Attack
TPI-Abuse
2024-11-21 22:17:13
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 21 17:17:07.498033 2024] [security2:error] [pid 12930:tid 12930] [client 80.76.51.210:60754] [client 80.76.51.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||livinghopehighschool.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "livinghopehighschool.org"] [uri "/\\\\example.com"] [unique_id "Zz-xYxcOTGOnUEGWFIR_IAAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-20 01:35:08
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 19 20:35:01.365136 2024] [security2:error] [pid 32369:tid 32369] [client 80.76.51.210:60688] [client 80.76.51.210] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||crep-psych.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "crep-psych.org"] [uri "/\\\\example.com"] [unique_id "Zz08xavYK5C3torZiLKt0wAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
Apache
2024-11-12 22:14:15
(4 weeks ago)
(mod_security) mod_security (id:210730) triggered by 80.76.51.210 (BG/Bulgaria/-): 5 in the last 300 ... show more (mod_security) mod_security (id:210730) triggered by 80.76.51.210 (BG/Bulgaria/-): 5 in the last 300 secs show less
Brute-Force
Web App Attack