TPI-Abuse
2024-08-05 19:39:14
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 15:39:09.936280 2024] [security2:error] [pid 6188:tid 6194] [client 198.98.54.34:42044] [client 198.98.54.34] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jpdesign.us"] [uri "/wp-config.php~"] [unique_id "ZrEqXbiWv1Mf9yJVHb_TBQAAAIQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-03 23:42:00
(4 months ago)
"Server Side Code Injection,Command Execution"
SQL Injection
Aetherweb Ark
2024-08-02 17:44:08
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 198.98.54.34 (US/United States/tor-exit.tor4all ... show more (mod_security) mod_security (id:210492) triggered by 198.98.54.34 (US/United States/tor-exit.tor4all.com): N in the last X secs show less
Web App Attack
mnsf
2024-08-02 16:01:12
(4 months ago)
Xmlrpc Caught (10)
Brute-Force
Web App Attack
oncord
2024-07-31 16:01:48
(4 months ago)
Form spam
Web Spam
TPI-Abuse
2024-07-28 17:23:02
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the l ... show more (mod_security) mod_security (id:210730) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 28 13:22:57.147389 2024] [security2:error] [pid 18540:tid 18549] [client 198.98.54.34:43126] [client 198.98.54.34] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||annacaird.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "annacaird.com"] [uri "/annacaird.sql"] [unique_id "ZqZ-cYNOjzFShFDBWKcG_AAAAEQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Joe-Mark
2024-07-28 14:18:41
(4 months ago)
TCP Port: 143 . src-port=35168 Found TOR Exit nodes anonymizer [ filter blocked ] (29 ... show more TCP Port: 143 . src-port=35168 Found TOR Exit nodes anonymizer [ filter blocked ] (298) show less
Port Scan
Hacking
TPI-Abuse
2024-07-27 23:07:40
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 27 19:07:34.835737 2024] [security2:error] [pid 8003:tid 8003] [client 198.98.54.34:35404] [client 198.98.54.34] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "africa.systems"] [uri "/wp-config.php.sample"] [unique_id "ZqV9tsHCqQ0ZFic5gPgeCwAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-07-27 11:07:08
(4 months ago)
Aggressive web scan
Web App Attack
TPI-Abuse
2024-07-25 15:32:29
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 25 11:32:21.671960 2024] [security2:error] [pid 12879:tid 12879] [client 198.98.54.34:50702] [client 198.98.54.34] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "321q.com"] [uri "/wp-config.php_"] [unique_id "ZqJwBS16Hcgbwp3Hd7EsZwAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-25 02:02:37
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 24 22:02:32.580697 2024] [security2:error] [pid 6155:tid 6155] [client 198.98.54.34:45388] [client 198.98.54.34] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gjbenches.com"] [uri "/wp-config.php.uk"] [unique_id "ZqGyOKm_jKiNLVjKax2mfQAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-24 18:43:33
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the l ... show more (mod_security) mod_security (id:225170) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 24 14:43:26.555504 2024] [security2:error] [pid 11030:tid 11030] [client 198.98.54.34:38142] [client 198.98.54.34] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sharonmauldin.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sharonmauldin.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "ZqFLTmb2e5GTIdYMCwv4KwAAAA8"], referer: http://sharonmauldin.com/ show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-24 12:26:37
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 24 08:26:33.402133 2024] [security2:error] [pid 15958:tid 15958] [client 198.98.54.34:42666] [client 198.98.54.34] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kulacenterky.com"] [uri "/wp-config.php.bak"] [unique_id "ZqDy-Qi-dl9bb15BU_9xHQAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
georgengelmann
2024-07-23 12:23:06
(4 months ago)
Failed login attempt for superuser
Brute-Force
Web App Attack
TPI-Abuse
2024-07-22 14:42:24
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 198.98.54.34 (tor-exit.tor4all.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 22 10:42:18.975796 2024] [security2:error] [pid 14887:tid 14887] [client 198.98.54.34:60812] [client 198.98.54.34] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.countrysideinnkingston.com"] [uri "/.git/config"] [unique_id "Zp5vymcYtEIj_bjJw22w_gAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack