MAGIC
2024-12-02 16:03:18
(6 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
oncord
2024-12-01 11:44:43
(1 week ago)
Form spam
Web Spam
Anonymous
2024-11-30 22:57:52
(1 week ago)
Viewstate Trap
Web Spam
Anonymous
2024-11-22 18:10:40
(2 weeks ago)
multiple unauthorized attempts at Sat, 16 Nov 2024 06:27:07 +0000 a total of 1 times.
Brute-Force
TPI-Abuse
2024-11-17 02:09:18
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 85.203.44.64 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.203.44.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 16 21:09:10.852651 2024] [security2:error] [pid 12482:tid 12482] [client 85.203.44.64:48315] [client 85.203.44.64] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||prostar.industries|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "prostar.industries"] [uri "/bak/dump.sql"] [unique_id "ZzlQRrjuFTc9vpZGNPDhAAAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-11-16 02:05:53
(3 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-11-13 00:22:05
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-11-06 20:09:59
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 85.203.44.64 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 85.203.44.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 06 15:09:54.348907 2024] [security2:error] [pid 942:tid 942] [client 85.203.44.64:21919] [client 85.203.44.64] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "localteaching.network"] [uri "/.env"] [unique_id "ZyvNEhRdUem37OF3QJu8TwAAABw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-08 18:21:43
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 85.203.44.64 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.203.44.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 08 14:21:35.193182 2024] [security2:error] [pid 24964:tid 24964] [client 85.203.44.64:39685] [client 85.203.44.64] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||sailingcharterburma.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sailingcharterburma.com"] [uri "/back/www.sql"] [unique_id "Zt3rL0LU7x7JaL98RqQqBgAAABw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-06 06:54:55
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 85.203.44.64 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 85.203.44.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 02:54:47.815720 2024] [security2:error] [pid 624854:tid 624854] [client 85.203.44.64:33493] [client 85.203.44.64] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||qualityelevatorcabs.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "qualityelevatorcabs.com"] [uri "/old/dump.sql"] [unique_id "ZtqnNwPXAz-YpT_q_evevAAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-08-20 12:00:40
(3 months ago)
Form spam
Web Spam
Anonymous
2024-08-19 15:01:43
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MAGIC
2024-08-17 04:07:24
(3 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
MAGIC
2024-07-28 19:01:51
(4 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
oncord
2024-07-24 00:33:24
(4 months ago)
Form spam
Web Spam