TPI-Abuse
2025-01-04 03:30:20
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 85.203.44.149 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.203.44.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 03 22:30:15.020214 2025] [security2:error] [pid 2091983:tid 2091983] [client 85.203.44.149:13069] [client 85.203.44.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.aeongames.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.aeongames.com"] [uri "/back/backup.sql"] [unique_id "Z3irR4XfXIBtx1-GoQ6vQQAAAEg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-02 15:07:21
(2 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-12-23 02:26:36
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-12-20 04:50:03
(4 weeks ago)
| CMS (WordPress or Joomla) brute force attempt 10 times (rewritten)
Hacking
SQL Injection
Web App Attack
TPI-Abuse
2024-12-13 00:17:05
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 85.203.44.149 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.203.44.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 12 19:17:00.326566 2024] [security2:error] [pid 3072:tid 3072] [client 85.203.44.149:49651] [client 85.203.44.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ezecredit.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ezecredit.net"] [uri "/sql.sql"] [unique_id "Z1t8_L2mXF4uBzsR6aPJWQAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-12-12 07:24:04
(1 month ago)
Form spam
Web Spam
nyuuzyou
2024-12-09 14:35:25
(1 month ago)
Intensive scraping: /web?s=Construction%20services%20California&country=ff-ff&scraper=mwmbl. User-Ag ... show more Intensive scraping: /web?s=Construction%20services%20California&country=ff-ff&scraper=mwmbl. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36. show less
Bad Web Bot
MAGIC
2024-10-29 22:03:37
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
oncord
2024-10-21 14:30:04
(2 months ago)
Form spam
Web Spam
Block Rockin' Beats
2024-10-07 05:47:02
(3 months ago)
Scanning forum with forged referal
Hacking
Web App Attack
Anonymous
2024-10-05 04:06:53
(3 months ago)
multiple unauthorized attempts at Thu, 03 Oct 2024 09:49:08 +0000 a total of 1 times.
Brute-Force
MAGIC
2024-09-16 01:12:20
(4 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-09-11 14:59:11
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 85.203.44.149 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 85.203.44.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 11 10:59:04.574978 2024] [security2:error] [pid 16676:tid 16676] [client 85.203.44.149:35289] [client 85.203.44.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||cryptoedge.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cryptoedge.net"] [uri "/restore/backup.sql"] [unique_id "ZuGwOApSY7ZJvPDzAqFAPAAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
RLDD
2024-08-27 08:27:11
(4 months ago)
WP login attempts -nov
Brute-Force
oncord
2024-08-14 03:52:51
(5 months ago)
Form spam
Web Spam