weblite
2024-09-07 18:40:56
(1 month ago)
WP_EXPLOIT_PROBE WP_MALWARE_PROBE
Hacking
Web App Attack
TPI-Abuse
2024-09-02 12:22:40
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 02 08:22:36.350293 2024] [security2:error] [pid 4127680:tid 4127680] [client 2a0b:f4c2:2::35:7891] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||brainstormer.soy|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "brainstormer.soy"] [uri "/r.sql"] [unique_id "ZtWuDHDegNqrZkCXiXyh3gAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-28 15:57:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 11:57:26.001104 2024] [security2:error] [pid 15773:tid 15773] [client 2a0b:f4c2:2::35:19763] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.delcano.org"] [uri "/.git/config"] [unique_id "Zs9I5qEEZtDHGWI8sOCWiQAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-25 02:02:55
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 24 22:02:46.910645 2024] [security2:error] [pid 20075:tid 20075] [client 2a0b:f4c2:2::35:10779] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.brandwrite.com"] [uri "/.git/config"] [unique_id "ZsqQxiDLgq92_BSKrHOgRAAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-18 04:20:12
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 00:20:06.154493 2024] [security2:error] [pid 24366:tid 24366] [client 2a0b:f4c2:2::35:54243] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.fractalsky.com"] [uri "/.git/config"] [unique_id "ZsF2dss-69T0R4SNKQT6CAAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
cmbplf
2024-08-09 23:25:58
(2 months ago)
501 requests to */xmlrpc.php
Brute-Force
Bad Web Bot
TPI-Abuse
2024-08-06 06:07:36
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 06 02:07:29.351144 2024] [security2:error] [pid 32423:tid 32423] [client 2a0b:f4c2:2::35:6043] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.pontiacpalace.com"] [uri "/.git/config"] [unique_id "ZrG9oVRqjgtSqIVhX9024gAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-05 03:51:20
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 23:51:14.839247 2024] [security2:error] [pid 18381:tid 18395] [client 2a0b:f4c2:2::35:54015] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||thecraftsycat.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thecraftsycat.com"] [uri "/raftsycat.sql"] [unique_id "ZrBMMjFjZucmUikdjqyAxAAAAEQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-30 07:44:08
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 30 03:44:01.192919 2024] [security2:error] [pid 13384:tid 13384] [client 2a0b:f4c2:2::35:40069] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.edgecombe.net"] [uri "/.git/config"] [unique_id "ZqiZwcZP84NQvz3gcq4uJwAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-30 07:11:11
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 30 03:11:04.247276 2024] [security2:error] [pid 19768:tid 19768] [client 2a0b:f4c2:2::35:36103] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.amrtactical.com"] [uri "/.git/config"] [unique_id "ZqiSCCL_Ix2Jd965DZscWAAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-30 05:29:21
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 30 01:29:17.242263 2024] [security2:error] [pid 26432:tid 26432] [client 2a0b:f4c2:2::35:31495] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.gracefaerie.com"] [uri "/.git/config"] [unique_id "Zqh6LS4op7449dinaN4EKwAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-28 17:31:30
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 28 13:31:23.607211 2024] [security2:error] [pid 25711:tid 25711] [client 2a0b:f4c2:2::35:47979] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.transcapitalsolutions.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.transcapitalsolutions.com"] [uri "/transcapitalsoluti.sql"] [unique_id "ZqaAa4Vw667ZvqZqXkRr8gAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
SOC [GOLINE SA]
2024-07-23 17:43:12
(2 months ago)
(htpasswd) Failed web page login from 2a0b:f4c2:2::35 (DE/Germany/-/-/tor-exit-35.for-privacy.net/[A ... show more (htpasswd) Failed web page login from 2a0b:f4c2:2::35 (DE/Germany/-/-/tor-exit-35.for-privacy.net/[AS60729 Stiftung Erneuerbare Freiheit]): 1 in the last 3600 secs; IP: 2a0b:f4c2:2::35; Ports: *; Direction: 0; Trigger: LF_TRIGGER; Logs: [Tue Jul 23 19:43:09.425147 2024] [auth_basic:error] [pid 1450:tid 133357824378560] [client 2a0b:f4c2:2::35:54915] AH01618: user Admin not found: /report.html show less
Brute-Force
TPI-Abuse
2024-07-23 03:08:12
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 22 23:08:04.441048 2024] [security2:error] [pid 26405:tid 26405] [client 2a0b:f4c2:2::35:22987] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.rwabutazafoundation.org"] [uri "/.git/config"] [unique_id "Zp8elAbFjvqR5CIcNpTU6AAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-22 17:01:07
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 22 13:01:03.202559 2024] [security2:error] [pid 20713:tid 20713] [client 2a0b:f4c2:2::35:23285] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.jimbrofriends.com"] [uri "/.git/config"] [unique_id "Zp6QT5Ne6NUMDkKbvRjhiAAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack