Anonymous
2025-01-10 08:10:27
(3 days ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH
Anonymous
2025-01-10 07:28:19
(3 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
octageeks.com
2025-01-10 05:06:35
(3 days ago)
Wordpress malicious attack:[octascan]
Web App Attack
TPI-Abuse
2025-01-09 23:21:43
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 09 18:21:36.338174 2025] [security2:error] [pid 2358998:tid 2358998] [client 95.181.238.102:11127] [client 95.181.238.102] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||cattapreta.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cattapreta.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Z4BaAO4Zsav7dR0KvyzpXQAAAB8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-09 19:29:15
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 09 14:29:07.801259 2025] [security2:error] [pid 2694578:tid 2694636] [client 95.181.238.102:50161] [client 95.181.238.102] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||meanmouse.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "meanmouse.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Z4Ajg-GrDWfRknxBV7vCIwAAANI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-09 15:02:58
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 09 10:02:50.313661 2025] [security2:error] [pid 26954:tid 26954] [client 95.181.238.102:58872] [client 95.181.238.102] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||zwierlein.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "zwierlein.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Z3_lGtIvrnVtvnQCnFaMtwAAACc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-09 14:34:59
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 09 09:34:52.244588 2025] [security2:error] [pid 18121:tid 18121] [client 95.181.238.102:28821] [client 95.181.238.102] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||wilcoxlawllc.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wilcoxlawllc.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Z3_ejMDu9S0CPAD7TP7maQAAAE8"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-09 03:11:07
(4 days ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH
TPI-Abuse
2025-01-08 22:37:12
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 08 17:37:09.007485 2025] [security2:error] [pid 9518:tid 9518] [client 95.181.238.102:42309] [client 95.181.238.102] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vrbsroma.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vrbsroma.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Z37-FQ1MH3qfpureRwznOAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-08 21:15:40
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 95.181.238.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 08 16:15:36.826371 2025] [security2:error] [pid 2215488:tid 2215488] [client 95.181.238.102:62687] [client 95.181.238.102] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||polarisled.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "polarisled.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Z37q-NY-jxRc2CvVqi--TQAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-27 16:01:04
(2 weeks ago)
Web App Attack
Anonymous
2024-12-06 18:24:16
(1 month ago)
Ports: 25,110,143,993,995; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Linuxmalwarehuntingnl
2024-07-01 10:52:13
(6 months ago)
Unauthorized connection attempt
Brute-Force
Anonymous
2023-11-14 18:07:00
(1 year ago)
"Evasion technique detected"
Brute-Force
Anonymous
2023-11-14 11:50:35
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force