๐ซ๐ท
Kenshin869
2024-04-15 15:49:06
(2 years ago)
Wordpress unauthorized access attempt
Brute-Force
๐บ๐ธ
TPI-Abuse
2024-04-15 00:03:39
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the l ...
show more
(mod_security) mod_security (id:210730) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 14 20:03:32.091016 2024] [security2:error] [pid 26001:tid 47211671021312] [client 199.249.230.164:34860] [client 199.249.230.164] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||culturallyyours.org|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "culturallyyours.org"] [uri "/cultura.sql"] [unique_id "Zhxu1PCFJ0xf-eD_YLckkQAAAFc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
10dencehispahard SL
2024-04-11 11:00:56
(2 years ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
๐บ๐ธ
TPI-Abuse
2024-04-10 22:15:25
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the l ...
show more
(mod_security) mod_security (id:210730) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 10 18:15:19.559408 2024] [security2:error] [pid 27723:tid 47468899837696] [client 199.249.230.164:56502] [client 199.249.230.164] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||freshviewevents.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "freshviewevents.com"] [uri "/.sql"] [unique_id "ZhcPd5337n08aLT3YCA53wAAAhM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-04-09 17:14:33
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 09 13:14:27.475527 2024] [security2:error] [pid 21560] [client 199.249.230.164:52304] [client 199.249.230.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "campos.tv"] [uri "/wp-config.phpold"] [unique_id "ZhV3c5nJNMCSntSKO1tHlwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-04-08 17:11:19
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the l ...
show more
(mod_security) mod_security (id:210730) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 08 13:11:14.300480 2024] [security2:error] [pid 2455479] [client 199.249.230.164:53718] [client 199.249.230.164] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||goseethenurse.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "goseethenurse.com"] [uri "/gos.sql"] [unique_id "ZhQlMv_u7xQminYwUEWPtwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2024-04-08 12:20:45
(2 years ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
niceshops.com
2024-02-14 11:49:02
(2 years ago)
Web Attack ([14/Feb/2024:12:48:56 +0100] )
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
sms.ru
2024-02-14 03:20:03
(2 years ago)
SMS pumping attack (request flood from TOR)
DDoS Attack
๐ฉ๐ช
niceshops.com
2024-02-12 14:25:37
(2 years ago)
Web Attack ([12/Feb/2024:15:25:32 +0100] )
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-12 14:08:44
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the l ...
show more
(mod_security) mod_security (id:210730) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 12 09:08:37.071957 2024] [security2:error] [pid 27617] [client 199.249.230.164:53368] [client 199.249.230.164] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mccompu.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mccompu.com"] [uri "/m.sql"] [unique_id "ZcomZX88weyQ78pyZVUl1QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-02-12 06:49:57
(2 years ago)
(mod_security) mod_security (id:210730) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the l ...
show more
(mod_security) mod_security (id:210730) triggered by 199.249.230.164 (tor75.quintex.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 12 01:49:54.815479 2024] [security2:error] [pid 25414] [client 199.249.230.164:48992] [client 199.249.230.164] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||tlc-computing.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "tlc-computing.com"] [uri "/tlc-c.sql"] [unique_id "Zcm_kibYgzx1Z1GTtHv67gAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Swiptly
2024-02-11 23:35:44
(2 years ago)
WordPress xmlrpc spam or enumeration
...
Web Spam
Bad Web Bot
Web App Attack
๐ฆ๐บ
ozisp.com.au
2024-02-11 08:28:01
(2 years ago)
US_Quintex_<33>1707640080 [1:2522075:5430] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic ...
show more
US_Quintex_<33>1707640080 [1:2522075:5430] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 76 [Classification: Misc Attack] [Priority: 2] {TCP} 199.249.230.164:59192
show less
Open Proxy
๐ฉ๐ช
niceshops.com
2024-02-11 07:52:57
(2 years ago)
Web Attack multi (Feb 24 08:52:56 Matching rules: Detect possible SQL injection - Too many SQL keyw ...
show more
Web Attack multi (Feb 24 08:52:56 Matching rules: Detect possible SQL injection - Too many SQL keywords (more than 3 times),Detect possible SQL injection - E.g. Sleep(5),Detect possible SQL injection - E.g. Select * from )
show less
SQL Injection
Brute-Force
Bad Web Bot
Web App Attack