๐บ๐ธ
TPI-Abuse
2024-11-12 10:20:14
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 216.98.255.147 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.98.255.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 12 05:20:04.759900 2024] [security2:error] [pid 29022:tid 29022] [client 216.98.255.147:59237] [client 216.98.255.147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bamedica.com"] [uri "/backup.wp-config.php"] [unique_id "ZzMr1IyIugo7oGUiMAEg4AAAAAE"], referer: https://www.yahoo.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-11-10 13:31:59
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 216.98.255.147 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.98.255.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 08:31:49.729425 2024] [security2:error] [pid 2531323:tid 2531323] [client 216.98.255.147:55455] [client 216.98.255.147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.old" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adlc18.org"] [uri "/wp-config.old"] [unique_id "ZzC1xWcnbkEL5wm5YHN00QAAAAI"], referer: https://www.yahoo.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
bohl-aiG5aef
2024-11-08 14:43:00
(1 year ago)
"HEAD /.wp-config.swp HTTP/1.1"
Hacking
Web App Attack
๐ฉ๐ช
FeG Deutschland
2024-11-08 08:41:01
(1 year ago)
Looking for CMS/PHP/SQL vulnerablilities - 13
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-11-06 21:37:36
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 216.98.255.147 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.98.255.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 06 16:37:30.165639 2024] [security2:error] [pid 21364:tid 21364] [client 216.98.255.147:38815] [client 216.98.255.147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "obss.us"] [uri "/wp-config.php_old2018"] [unique_id "ZyvhmlWBMsVzOxTtbS1AJQAAAAc"], referer: https://www.yahoo.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
syokadmin
2024-11-06 21:27:06
(1 year ago)
(CT) IP 216.98.255.147 (US/United States/-) found to have 141 connections
Brute-Force
๐บ๐ธ
mnsf
2024-11-06 05:08:22
(1 year ago)
Request Overload (141)
Brute-Force
Web App Attack
๐ฉ๐ช
bodixite.net
2024-11-05 22:21:27
(1 year ago)
(mod_security) mod_security triggered on hostname [redacted] 216.98.255.147 (US/United States/-)
SQL Injection
๐บ๐ธ
dtorrer
2024-11-04 14:54:39
(1 year ago)
General vulnerability scan.
Port Scan
๐ช๐ธ
10dencehispahard SL
2024-10-31 11:56:50
(1 year ago)
Unauthorized login attempts [ apache-files, apache-4xx]
Brute-Force
๐บ๐ธ
TPI-Abuse
2024-10-30 21:01:58
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 216.98.255.147 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 216.98.255.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 30 17:01:50.552808 2024] [security2:error] [pid 1983:tid 1983] [client 216.98.255.147:60623] [client 216.98.255.147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hollyndlaw.com"] [uri "/wp-config.php.aws"] [unique_id "ZyKevtkcS90iBQ1RtzoiZgAAAAs"], referer: https://www.yahoo.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-30 17:33:00
(1 year ago)
216.98.255.147 (US/United States/-) blocked with too many connections
DDoS Attack
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-30 06:31:00
(1 year ago)
Searches for old or backup wp-config
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-10-30 02:09:38
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 216.98.255.147 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 216.98.255.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 29 22:09:31.937262 2024] [security2:error] [pid 17003:tid 17003] [client 216.98.255.147:37427] [client 216.98.255.147] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pakistanvision.com|F|2"] [data ".cfg"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pakistanvision.com"] [uri "/wp-config.cfg"] [unique_id "ZyGVW0RdivtZzASf3sCVBAAAAAA"], referer: https://www.yahoo.com
show less
Brute-Force
Bad Web Bot
Web App Attack