TPI-Abuse
2024-08-09 09:30:04
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 45.141.215.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.141.215.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 05:29:59.308769 2024] [security2:error] [pid 30309:tid 30309] [client 45.141.215.62:48704] [client 45.141.215.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "skintormint.com"] [uri "/wp-config.php.org"] [unique_id "ZrXhlySQxT4aE1Xy_R4PugAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
LTM
2024-08-09 06:20:01
(2 months ago)
WebServer - Attempts to exploit
Hacking
Brute-Force
Web App Attack
Rip
2024-08-09 06:08:22
(2 months ago)
Web Application Server Abuse: Probing For Sensitive Files And Services - BANNED by ModSecurity ... show more Web Application Server Abuse: Probing For Sensitive Files And Services - BANNED by ModSecurity
... show less
Web App Attack
Steve
2024-08-06 03:06:00
(2 months ago)
SQL Injection Attempts
SQL Injection
Brute-Force
emsilab
2024-08-05 20:31:00
(2 months ago)
xmlrpc.php Brute-force [05/Aug/2024:19:05:40 +0000] "POST /xmlrpc.php HTTP/1.1" 307 18 "-" "Mozilla/ ... show more xmlrpc.php Brute-force [05/Aug/2024:19:05:40 +0000] "POST /xmlrpc.php HTTP/1.1" 307 18 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36" 17701 "iobun@docker" "-" show less
Brute-Force
Web App Attack
polycoda
2024-08-04 10:54:00
(2 months ago)
Request a ton of inexistent files like /wp-config.php_old ...and... /wp-config.php.backup
Hacking
Web App Attack
TPI-Abuse
2024-08-04 05:20:19
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 45.141.215.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.141.215.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 01:20:13.805293 2024] [security2:error] [pid 6213:tid 6274] [client 45.141.215.62:49494] [client 45.141.215.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "amphoracollectors.org"] [uri "/wp-config.php~~"] [unique_id "Zq8PjcFsQYau2k9PEW3iQwAAAQc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Rizzy
2024-08-04 01:59:03
(2 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
stinpriza
2024-08-03 03:04:25
(3 months ago)
Drupal Authentication failure
Brute-Force
Web App Attack
TPI-Abuse
2024-07-31 19:51:33
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.141.215.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.141.215.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 31 15:51:27.944668 2024] [security2:error] [pid 579308:tid 579308] [client 45.141.215.62:48660] [client 45.141.215.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "concertoaccordion.accordionclub.org"] [uri "/.git/config"] [unique_id "ZqqVv3ycuIBuezbJ7680AQAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
plzenskypruvodce.cz
2024-07-31 15:48:02
(3 months ago)
2024-07-31T17:47:59.562736+02:00 web wordpress(varhanykolin.cz)[3844839]: Immediately block connecti ... show more 2024-07-31T17:47:59.562736+02:00 web wordpress(varhanykolin.cz)[3844839]: Immediately block connections from 45.141.215.62
... show less
Brute-Force
Kenshin869
2024-07-31 15:03:49
(3 months ago)
Wordpress unauthorized access attempt
Brute-Force
TPI-Abuse
2024-07-30 19:08:47
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.141.215.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.141.215.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 30 15:08:43.272707 2024] [security2:error] [pid 14298:tid 14298] [client 45.141.215.62:31654] [client 45.141.215.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bikiniadvice.com"] [uri "/wp-config.php.txt"] [unique_id "Zqk6O6FCNvKwjbfzQjBq5AAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-07-30 17:08:42
(3 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-07-29 17:38:16
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 45.141.215.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.141.215.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 29 13:38:11.255879 2024] [security2:error] [pid 27050:tid 27050] [client 45.141.215.62:39336] [client 45.141.215.62] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||procigar.info|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "procigar.info"] [uri "/prociga.sql"] [unique_id "ZqfTg-Rj69kdJCKzTACTRAAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack