Anonymous
2024-12-04 11:53:44
(15 hours ago)
Action: Block, Reason: DDOS attack detected
DDoS Attack
TPI-Abuse
2024-11-28 09:22:16
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 28 04:22:08.453441 2024] [security2:error] [pid 29030:tid 29030] [client 2a0b:f4c2:2::35:15023] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.clinchspurs.com"] [uri "/.git/config"] [unique_id "Z0g2QDo9A_0KeRaD-xu_nAAAAAk"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-25 05:02:38
(1 week ago)
Action: Block, Reason: DDOS attack detected
DDoS Attack
TPI-Abuse
2024-11-09 19:16:59
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 14:16:53.382262 2024] [security2:error] [pid 23390:tid 23390] [client 2a0b:f4c2:2::35:37405] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "models.teenyb.com"] [uri "/wp-config.php.maj"] [unique_id "Zy-1JVgEE9aIHPw_5oMTNwAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-09 08:01:27
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 03:01:20.177448 2024] [security2:error] [pid 24705:tid 24705] [client 2a0b:f4c2:2::35:2029] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hawaiireservations.com"] [uri "/wp-content/themes/twentytwentyfour/ai-core/download.php"] [unique_id "Zy8W0GBq0wtgqA0QGFDm2wAAAAo"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-06 00:50:05
(4 weeks ago)
| Multiple common web attacks from same source ip. (multiple servers)
Hacking
SQL Injection
Web App Attack
weblite
2024-11-04 15:49:03
(1 month ago)
WP_MALWARE_PROBE
Hacking
Web App Attack
weblite
2024-09-07 18:40:56
(2 months ago)
WP_EXPLOIT_PROBE WP_MALWARE_PROBE
Hacking
Web App Attack
TPI-Abuse
2024-09-02 12:22:40
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 02 08:22:36.350293 2024] [security2:error] [pid 4127680:tid 4127680] [client 2a0b:f4c2:2::35:7891] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||brainstormer.soy|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "brainstormer.soy"] [uri "/r.sql"] [unique_id "ZtWuDHDegNqrZkCXiXyh3gAAAAQ"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-28 15:57:33
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 11:57:26.001104 2024] [security2:error] [pid 15773:tid 15773] [client 2a0b:f4c2:2::35:19763] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.delcano.org"] [uri "/.git/config"] [unique_id "Zs9I5qEEZtDHGWI8sOCWiQAAAAQ"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-25 02:02:55
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 24 22:02:46.910645 2024] [security2:error] [pid 20075:tid 20075] [client 2a0b:f4c2:2::35:10779] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.brandwrite.com"] [uri "/.git/config"] [unique_id "ZsqQxiDLgq92_BSKrHOgRAAAAA4"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-18 04:20:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 00:20:06.154493 2024] [security2:error] [pid 24366:tid 24366] [client 2a0b:f4c2:2::35:54243] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.fractalsky.com"] [uri "/.git/config"] [unique_id "ZsF2dss-69T0R4SNKQT6CAAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
cmbplf
2024-08-09 23:25:58
(3 months ago)
501 requests to */xmlrpc.php
Brute-Force
Bad Web Bot
TPI-Abuse
2024-08-06 06:07:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 06 02:07:29.351144 2024] [security2:error] [pid 32423:tid 32423] [client 2a0b:f4c2:2::35:6043] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.pontiacpalace.com"] [uri "/.git/config"] [unique_id "ZrG9oVRqjgtSqIVhX9024gAAAAQ"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-05 03:51:20
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:2::35 (tor-exit-35.for-privacy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 23:51:14.839247 2024] [security2:error] [pid 18381:tid 18395] [client 2a0b:f4c2:2::35:54015] [client 2a0b:f4c2:2::35] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||thecraftsycat.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thecraftsycat.com"] [uri "/raftsycat.sql"] [unique_id "ZrBMMjFjZucmUikdjqyAxAAAAEQ"]
Brute-Force
Bad Web Bot
Web App Attack