Anonymous
2024-09-28 09:44:59
(1 week ago)
Excessive crawling/scraping
Hacking
Brute-Force
TPI-Abuse
2024-09-21 09:39:26
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 21 05:39:19.637060 2024] [security2:error] [pid 16725:tid 16725] [client 57.141.7.11:50996] [client 57.141.7.11] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||elcalamo.com|F|2"] [data ".pdb"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "elcalamo.com"] [uri "/pda/turra-desafinada_txt.PDB"] [unique_id "Zu6UR23KWulYucaPSC4PAAAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-09-18 10:56:09
(2 weeks ago)
Excessive crawling/scraping
Hacking
Brute-Force
Anonymous
2024-09-13 19:27:54
(3 weeks ago)
Excessive crawling/scraping
Hacking
Brute-Force
Anonymous
2024-09-09 09:03:52
(3 weeks ago)
Excessive crawling/scraping
Hacking
Brute-Force
ghostwarriors
2024-09-03 20:50:04
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
ksol-hostmaster
2024-09-03 20:20:53
(1 month ago)
2024/09/03 22:20:52 [error] 50359#783118: *5998852 limiting requests, excess: 0.444 by zone "crawler ... show more 2024/09/03 22:20:52 [error] 50359#783118: *5998852 limiting requests, excess: 0.444 by zone "crawler", client: 57.141.7.11, server: crxforum.ksol.io, request: "GET /showRecAnswers.php?topicId=128&commentUniqId=65d738208980d&seed=6695d4cacd89c HTTP/2.0", host: "crxforum.ksol.io"
... show less
Bad Web Bot
Thaliruth
2024-08-22 07:00:40
(1 month ago)
57.141.7.11 - - [22/Aug/2024:09:00:39 +0200] "GET /hdro-news/hdro-allgemein/1834-ein-brief-von-execu ... show more 57.141.7.11 - - [22/Aug/2024:09:00:39 +0200] "GET /hdro-news/hdro-allgemein/1834-ein-brief-von-executive-producer-rob-ciccolini.html HTTP/1.0" 410 1738 "-" "meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)"
... show less
Bad Web Bot
TPI-Abuse
2024-08-21 15:13:19
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 21 11:13:13.201222 2024] [security2:error] [pid 3109:tid 3109] [client 57.141.7.11:56146] [client 57.141.7.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.walc.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.walc.net"] [uri "/wp-json/wp/v2/users/409"] [unique_id "ZsYECXCQOIdWLtmZAZwA3wAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-20 12:45:39
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 20 08:45:33.813176 2024] [security2:error] [pid 3350463:tid 3350463] [client 57.141.7.11:35766] [client 57.141.7.11] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.nlc-calumet.org|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nlc-calumet.org"] [uri "/SON/pics/2007/Thumbs.db"] [unique_id "ZsSP7VIXvZ-P9-yspIM5lgAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-17 18:04:47
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 17 14:04:40.440218 2024] [security2:error] [pid 1931:tid 1931] [client 57.141.7.11:50728] [client 57.141.7.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||karenbernsteinlaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "karenbernsteinlaw.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZsDmOG7Ht2w02fxnaourlQAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-13 18:31:28
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 13 14:31:22.105750 2024] [security2:error] [pid 27747:tid 27747] [client 57.141.7.11:49846] [client 57.141.7.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nearfieldchrist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nearfieldchrist.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZrumevvCLqw_6tnhGB14RQAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-13 14:35:34
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 13 10:35:30.274083 2024] [security2:error] [pid 3187:tid 3187] [client 57.141.7.11:52674] [client 57.141.7.11] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.civilwarzone.com|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.civilwarzone.com"] [uri "/~site/Scripts_ExternalRedirect/ExternalRedirect.dll"] [unique_id "ZrtvMiLJ64q0BizCj5LF9wAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-12 04:58:53
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 12 00:58:47.294213 2024] [security2:error] [pid 10530:tid 10530] [client 57.141.7.11:41054] [client 57.141.7.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.thehealthyplaceclayton.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.thehealthyplaceclayton.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZrmWh3iOlQEwehZ74PxAFQAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-11 09:26:38
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 57.141.7.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 05:26:31.871630 2024] [security2:error] [pid 29617:tid 29617] [client 57.141.7.11:53712] [client 57.141.7.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.vangentholding.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.vangentholding.com"] [uri "/wp-json/wp/v2/users/173742"] [unique_id "ZriDx96-_tKDG7Lpi8hc9wAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack