taivas.nl
2024-12-09 05:32:24
(5 hours ago)
Many_bad_calls
Web App Attack
taivas.nl
2024-12-09 04:02:12
(7 hours ago)
Bad_requests
Bad Web Bot
taivas.nl
2024-12-09 03:32:12
(7 hours ago)
Site scraper
Web App Attack
Savvii
2024-12-08 12:54:32
(22 hours ago)
15 attempts against mh-modsecurity-ban on drop
Brute-Force
Web App Attack
TPI-Abuse
2024-12-08 09:01:02
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 4.227.36.69 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 4.227.36.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 08 04:00:57.942724 2024] [security2:error] [pid 755:tid 755] [client 4.227.36.69:53994] [client 4.227.36.69] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.cnprreviews.org|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cnprreviews.org"] [uri "/install/index.php.bak"] [unique_id "Z1VgSYQ89sL18Nypw2tqrgAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-08 06:48:53
(1 day ago)
Excessive crawling/scraping
Hacking
Brute-Force
niceshops.com
2024-12-08 03:47:14
(1 day ago)
Large amount of http-requests in short time ([08/Dec/2024:04:38:02.843] )
Bad Web Bot
TPI-Abuse
2024-12-08 03:34:15
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 4.227.36.69 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 4.227.36.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 07 22:34:08.981002 2024] [security2:error] [pid 27396:tid 27396] [client 4.227.36.69:50928] [client 4.227.36.69] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||faithlines.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "faithlines.com"] [uri "/wp-json/wp/v2/users/1/"] [unique_id "Z1UTsOmLtTVASVGbdg7MeAAAABw"] show less
Brute-Force
Bad Web Bot
Web App Attack
SCHAPPY
2024-12-07 09:13:00
(2 days ago)
Bad bot identified by user agent
Bad Web Bot
Major Hostility
2024-12-07 04:08:04
(2 days ago)
"GET /wp-content/uploads/2013/07/IMG_0663.jpg" HTTP/1.1" 404
"GET /wp-content/uploads/2013 ... show more "GET /wp-content/uploads/2013/07/IMG_0663.jpg" HTTP/1.1" 404
"GET /wp-content/uploads/2013/07/IMG_1617.jpg" HTTP/1.1" 404 show less
Web App Attack
Anonymous
2024-12-04 16:52:04
(4 days ago)
4.227.36.69 - - \[05/Dec/2024:00:52:03 +0800\] \"GET /bbs/uc/admin.php HTTP/2.0\" 404 42810 \"-\" \" ... show more 4.227.36.69 - - \[05/Dec/2024:00:52:03 +0800\] \"GET /bbs/uc/admin.php HTTP/2.0\" 404 42810 \"-\" \"Mozilla/5.0 AppleWebKit/537.36 \(KHTML, like Gecko\; compatible\; GPTBot/1.2\; +https://openai.com/gptbot\)\" show less
Web App Attack
Savvii
2024-12-04 02:09:30
(5 days ago)
15 attempts against mh-modsecurity-ban on drop
Brute-Force
Web App Attack
TPI-Abuse
2024-11-30 23:51:10
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 4.227.36.69 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 4.227.36.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 18:51:03.579157 2024] [security2:error] [pid 12761:tid 12761] [client 4.227.36.69:47358] [client 4.227.36.69] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.clcmillvale.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.clcmillvale.com"] [uri "/wp-json/wp/v2/users/2"] [unique_id "Z0uk59Dn44_D1iVWV8uPwQAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-30 20:07:36
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 4.227.36.69 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 4.227.36.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 15:07:33.328163 2024] [security2:error] [pid 21696:tid 21696] [client 4.227.36.69:59498] [client 4.227.36.69] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bwrannarbor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bwrannarbor.com"] [uri "/index.php/wp-json/wp/v2/users/1"] [unique_id "Z0twhQM5IOI-l6EVhMTregAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-11-30 18:07:38
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot