TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 02 11:01:47.931639 2024] [security2:error] [pid 19274:tid 19274] [client 91.230.225.28:2079] [client 91.230.225.28] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bitcoincasting.com"] [uri "/sftp-config.json"] [unique_id "ZyY-22T9fG5Nj2SIu6J2-AAAAAo"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210730) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 02 10:44:40.343285 2024] [security2:error] [pid 22728:tid 22728] [client 91.230.225.28:26483] [client 91.230.225.28] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||linnardfinancial.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "linnardfinancial.com"] [uri "/backups/dump.sql"] [unique_id "ZyY62MPp7Y4aQCvjLTLtAAAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 27 09:40:28.838321 2024] [security2:error] [pid 15587:tid 15587] [client 91.230.225.28:5297] [client 91.230.225.28] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pigspolygon.xyz"] [uri "/backups/sftp-config.json"] [unique_id "Zva1zCmrzstYuIqVNZIIfAAAAAs"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210730) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 16:14:50.339596 2024] [security2:error] [pid 2706835:tid 2706835] [client 91.230.225.28:52701] [client 91.230.225.28] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||asiabeef.network|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "asiabeef.network"] [uri "/old/www.sql"] [unique_id "Zrkbuh9jAYx7cEq7IDdzJAAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
Linuxmalwarehuntingnl
|
|
Unauthorized connection attempt
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210730) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 30 21:50:50.584763 2024] [security2:error] [pid 13331] [client 91.230.225.28:10925] [client 91.230.225.28] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dudleyanddudley.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dudleyanddudley.com"] [uri "/restore/dump.sql"] [unique_id "Zlks-mRjaW2IHZDDf7wrqwAAAAE"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
hbrks
|
|
HEAD http://techtronicgambia.com/backups/backup.tar
|
Web Spam
Hacking
Bad Web Bot
|
|
conseilgouz
|
|
sie-6 : Trying access system files=>/phpinfo.php(phpinfo.php)
|
Hacking
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210730) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 12 10:26:17.701046 2024] [security2:error] [pid 15338:tid 47569240512256] [client 91.230.225.28:38633] [client 91.230.225.28] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.fishrapper.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fishrapper.com"] [uri "/restore/www.sql"] [unique_id "ZkDRiYbHQ_a3knUTGiOzGQAAAMg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
hbrks
|
|
HEAD http://marche-be.com/backup/marche-be.com.rar
statusCode: 503
|
Web Spam
Hacking
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 18 16:10:15.898009 2023] [security2:error] [pid 4339] [client 91.230.225.28:24945] [client 91.230.225.28] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bizzybeejunkremoval.com"] [uri "/.env"] [unique_id "ZYC1N2H91V4lvzZlxZT9LQAAAA0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 17 16:40:27.794399 2023] [security2:error] [pid 28561] [client 91.230.225.28:52657] [client 91.230.225.28] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atlanticstationsurvey.com"] [uri "/.env"] [unique_id "ZX9qy5UPAlHk6VrwEtht2wAAAAM"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.230.225.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 16 22:57:51.644028 2023] [security2:error] [pid 25269] [client 91.230.225.28:63031] [client 91.230.225.28] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bitcointoolfair.com"] [uri "/.env"] [unique_id "ZX5xvyU-5biTa1s0XUQ1hwAAAAA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|