๐บ๐ธ
TPI-Abuse
2024-03-11 23:47:34
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 11 19:47:29.018470 2024] [security2:error] [pid 11063:tid 47925203851008] [client 156.146.33.88:44098] [client 156.146.33.88] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aeaus.com"] [uri "/wp-includes/css/wp-config.php"] [unique_id "Ze-YEQLcqUMJfRCJQzXcsgAAAU0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
zynex
2024-03-08 01:16:09
(2 years ago)
URL Probing: /wp-content/install.php
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2024-03-04 20:59:15
(2 years ago)
156.146.33.88 - - [04/Mar/2024:22:59:09 +0200] "GET /wp-includes/IXR/admin.php HTTP/1.1" 404 270 "-" ...
show more
156.146.33.88 - - [04/Mar/2024:22:59:09 +0200] "GET /wp-includes/IXR/admin.php HTTP/1.1" 404 270 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
156.146.33.88 - - [04/Mar/2024:22:59:13 +0200] "GET /wp-content/install.php HTTP/1.1" 404 270 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko"
...
show less
Web App Attack
๐จ๐ญ
zynex
2024-03-04 18:28:36
(2 years ago)
URL Probing: /minik.php
Web App Attack
๐ช๐ธ
10dencehispahard SL
2024-03-04 18:00:38
(2 years ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
๐บ๐ธ
TPI-Abuse
2024-02-15 13:20:39
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 ...
show more
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 08:20:33.141413 2024] [security2:error] [pid 18144] [client 156.146.33.88:57100] [client 156.146.33.88] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||guarinofurnituredesigns.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "guarinofurnituredesigns.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zc4PoT3ZfT9tgKw9MufzcgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
QT
2024-02-15 13:09:30
(2 years ago)
Website hack attempted at 2024-02-15 23:09:27 +1000
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-15 11:28:22
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 ...
show more
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 06:28:14.349148 2024] [security2:error] [pid 16206] [client 156.146.33.88:55702] [client 156.146.33.88] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||taafe.net|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "taafe.net"] [uri "/site/default/settings.php.BAK"] [unique_id "Zc31TqyKA6bz6oYgm_w9zQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-15 10:57:19
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 ...
show more
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 05:57:14.715593 2024] [security2:error] [pid 21114] [client 156.146.33.88:58560] [client 156.146.33.88] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||aden.us|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aden.us"] [uri "/site/default/settings.php.BAK"] [unique_id "Zc3uCopkYYkkMliwXdcJagAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-15 10:41:05
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 ...
show more
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 05:40:58.064191 2024] [security2:error] [pid 30724] [client 156.146.33.88:36902] [client 156.146.33.88] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.theathena.org|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.theathena.org"] [uri "/site/default/settings.php.BAK"] [unique_id "Zc3qOjGQC9-j93Hmtk62XQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-15 10:11:44
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 ...
show more
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 05:11:38.009094 2024] [security2:error] [pid 1737019:tid 47530071062272] [client 156.146.33.88:4807] [client 156.146.33.88] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||humaehealth.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "humaehealth.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zc3jWp1aWBhl4OtRhaN4AgAAAVQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-15 09:52:24
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 ...
show more
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 04:52:21.052532 2024] [security2:error] [pid 9720] [client 156.146.33.88:40008] [client 156.146.33.88] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jresm.net|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jresm.net"] [uri "/site/default/settings.php.BAK"] [unique_id "Zc3e1Q_jc41GdPUZ2NNipwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-15 09:20:06
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 ...
show more
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 04:19:59.472064 2024] [security2:error] [pid 19623] [client 156.146.33.88:42236] [client 156.146.33.88] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.nnlwest.org|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nnlwest.org"] [uri "/site/default/settings.php.BAK"] [unique_id "Zc3XP-Km3U23zbQr8DOlkAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-15 08:56:43
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 ...
show more
(mod_security) mod_security (id:210730) triggered by 156.146.33.88 (unn-156-146-33-88.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 03:56:40.617890 2024] [security2:error] [pid 6112] [client 156.146.33.88:59650] [client 156.146.33.88] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||lubbockknights.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lubbockknights.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zc3RyCiL2a-6tiUHtSm03gAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2024-02-12 16:50:06
(2 years ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack