| 186.226.216.104 |
attackbotsspam |
srvr2: (mod_security) mod_security (id:920350) triggered by 186.226.216.104 (BR/-/static-104-216-226-186.8bit.net.br): 1 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/26 05:50:19 [error] 125640#0: *142698 [client 186.226.216.104] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159841381924.516445"] [ref "o0,15v21,15"], client: 186.226.216.104, [redacted] request: "GET / HTTP/1.1" [redacted] |
2020-08-26 18:42:08 |
| 185.147.215.12 |
attackspambots |
[2020-08-26 06:39:31] NOTICE[1185] chan_sip.c: Registration from '' failed for '185.147.215.12:55144' - Wrong password
[2020-08-26 06:39:31] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-26T06:39:31.160-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="6098",SessionID="0x7f10c42b6218",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.12/55144",Challenge="37cb5a24",ReceivedChallenge="37cb5a24",ReceivedHash="c7d7d298c7828cbf9e05fa5466a51255"
[2020-08-26 06:39:52] NOTICE[1185] chan_sip.c: Registration from '' failed for '185.147.215.12:50769' - Wrong password
[2020-08-26 06:39:52] SECURITY[1203] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-08-26T06:39:52.769-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="9602",SessionID="0x7f10c43e3a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.21
... |
2020-08-26 18:58:37 |