TPI-Abuse
2024-12-18 22:49:09
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 141.98.10.152 (one-video.angerenhanc.com): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 141.98.10.152 (one-video.angerenhanc.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 18 17:49:05.433583 2024] [security2:error] [pid 18071:tid 18071] [client 141.98.10.152:53761] [client 141.98.10.152] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kalvanna.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kalvanna.com"] [uri "/wp-content/debug.log"] [unique_id "Z2NRYddnyDQ7gp5fvA0dHQAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-18 22:18:43
(1 month ago)
wordpress-trap
Web App Attack
TPI-Abuse
2024-12-18 21:20:53
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 141.98.10.152 (one-video.angerenhanc.com): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 141.98.10.152 (one-video.angerenhanc.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 18 16:20:46.465517 2024] [security2:error] [pid 29948:tid 29948] [client 141.98.10.152:52984] [client 141.98.10.152] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mtshastaconcerts.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mtshastaconcerts.com"] [uri "/wp-content/debug.log"] [unique_id "Z2M8rpocQMqruB0ABKw6owAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-12-18 16:07:42
(1 month ago)
23 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
mawan
2024-12-18 13:04:28
(1 month ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2024-12-18 02:21:58
(1 month ago)
wordpress-trap
Web App Attack
Anonymous
2024-12-17 21:14:42
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Savvii
2024-12-17 17:00:38
(1 month ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-12-17 16:40:38
(1 month ago)
10 attempts against mh_ha-misc-ban on ec102950
Brute-Force
Web App Attack
Anonymous
2024-12-10 10:29:53
(1 month ago)
wordpress-trap
Web App Attack
Major Hostility
2024-12-10 04:40:45
(1 month ago)
"GET /wp-content/themes/wplms/style.css HTTP/1.1" 404
"GET /wp-content/plugins/wp-jobsearch/ad ... show more "GET /wp-content/themes/wplms/style.css HTTP/1.1" 404
"GET /wp-content/plugins/wp-jobsearch/admin/css/admin.css HTTP/1.1" 404
"GET /wp-content/plugins/wp-wc-affiliate-program/languages/rtwwwap-wp-wc-affiliate-program.pot HTTP/1.1" 404
"GET /wp-content/plugins/Ultimate_AI/assets/css/style.css HTTP/1.1" 404
"GET /wp-content/plugins/latepoint/readme.txt HTTP/1.1" 404
"GET /wp-content/plugins/gutenkit-blocks-addon/readme.txt HTTP/1.1" 404
"GET /wp-content/plugins/rss-feed-post-generator-echo/readme.txt HTTP/1.1" 404
"GET /wp-content/plugins/json-api-user/readme.txt HTTP/1.1" 404
"GET /wp-content/plugins/charitable/CHANGELOG.md HTTP/1.1" 404
"GET /wp-content/plugins/wp-job-portal/readme.txt HTTP/1.1" 404
"GET /wp-content/plugins/js-support-ticket/readme show less
Web App Attack
Anonymous
2024-12-10 04:15:12
(1 month ago)
Bot / seems abusive / Apache connections: 20
DDoS Attack
Web Spam
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-09 23:56:54
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 141.98.10.152 (one-video.angerenhanc.com): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 141.98.10.152 (one-video.angerenhanc.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 09 18:56:50.962136 2024] [security2:error] [pid 28835:tid 28852] [client 141.98.10.152:57892] [client 141.98.10.152] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||greaternorthmiamihistory.org|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "greaternorthmiamihistory.org"] [uri "/wp-content/debug.log"] [unique_id "Z1eDwoJ4TM8V4rretTE-GQAAAIw"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-12-09 23:00:32
(1 month ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-12-09 20:32:31
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 141.98.10.152 (one-video.angerenhanc.com): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 141.98.10.152 (one-video.angerenhanc.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 09 15:32:26.321379 2024] [security2:error] [pid 27069:tid 27069] [client 141.98.10.152:64647] [client 141.98.10.152] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||studiopilates.net|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "studiopilates.net"] [uri "/wp-content/debug.log"] [unique_id "Z1dT2hmJ7dnjhmPvj8yZCQAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack