Ma ma
|
|
page scanning
|
Web App Attack
|
|
MPL
|
|
tcp/2955 (15 or more attempts)
|
Port Scan
|
|
10dencehispahard SL
|
|
Unauthorized login attempts [ wordpress-xmlrpc]
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 82.118.29.80 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210492) triggered by 82.118.29.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 03 11:45:20.718152 2024] [security2:error] [pid 15693] [client 82.118.29.80:9803] [client 82.118.29.80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "olimpiacerda.com"] [uri "/backup/.env"] [unique_id "ZeSpIAUpzbjfKaECJBvuaAAAABA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 82.118.29.80 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210492) triggered by 82.118.29.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 02 09:32:43.170325 2024] [security2:error] [pid 18526] [client 82.118.29.80:54335] [client 82.118.29.80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crypto-stamps.com"] [uri "/back/.env"] [unique_id "ZeM4i0JMvAe8SkLjLH0MkgAAAA0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 82.118.29.80 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210492) triggered by 82.118.29.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 15:35:19.240285 2024] [security2:error] [pid 23519] [client 82.118.29.80:54765] [client 82.118.29.80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bayareamustangs.com"] [uri "/restore/.env"] [unique_id "ZdpTB17Rx3j-MK094Uoe8QAAAAg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 82.118.29.80 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 82.118.29.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 17 23:27:55.660150 2024] [security2:error] [pid 13092] [client 82.118.29.80:45967] [client 82.118.29.80] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mjkhan.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mjkhan.com"] [uri "/bak/sql.sql"] [unique_id "ZdGHS46ubMjat_XlkmU--gAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
hbrks
|
|
HEAD http://crm.marche-be.com/backups/wallet.zip
statusCode: 503
|
Web Spam
Hacking
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 82.118.29.80 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210492) triggered by 82.118.29.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 16 00:38:32.052551 2024] [security2:error] [pid 8257:tid 47950363371264] [client 82.118.29.80:40071] [client 82.118.29.80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bluetigertees.com"] [uri "/sftp-config.json"] [unique_id "Zc702OC82K9M_l7KJPv0sAAAAIY"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Unauthorized connection attempt detected in the last 24 hours
|
Hacking
|
|
Anonymous
|
|
Unauthorized connection attempt detected in the last 24 hours
|
Hacking
|
|
Anonymous
|
|
Unauthorized connection attempt detected in the last 24 hours
|
Hacking
|
|
Anonymous
|
|
Unauthorized connection attempt detected in the last 24 hours
|
Hacking
|
|
Anonymous
|
|
Unauthorized connection attempt detected in the last 24 hours
|
Hacking
|
|
Anonymous
|
|
Unauthorized connection attempt detected in the last 24 hours
|
Hacking
|
|