TPI-Abuse
2024-11-22 15:03:56
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 22 10:03:50.694679 2024] [security2:error] [pid 8971:tid 8971] [client 79.124.8.241:46144] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.doreenkimura.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.doreenkimura.com"] [uri "/reenkimura.sql"] [unique_id "Z0CdVvNip_0JtETFYRd_gwAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-22 01:30:37
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 21 20:30:23.808427 2024] [security2:error] [pid 10673:tid 10782] [client 79.124.8.241:46362] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pennassociatenotary.com"] [uri "/wp-config.php.CloudTech_bak"] [unique_id "Zz_er9pA6NH2aep6uuhnywAAAZA"] show less
Brute-Force
Bad Web Bot
Web App Attack
PaulSep
2024-11-18 10:46:29
(2 weeks ago)
2024-11-18T11:46:28+01:00 [redacted] 79.124.8.241 - - [18/Nov/2024:11:46:27 +0100] "GET /account/ H ... show more 2024-11-18T11:46:28+01:00 [redacted] 79.124.8.241 - - [18/Nov/2024:11:46:27 +0100] "GET /account/ HTTP/1.1" 302 52112 "https://[redacted]/wp-login.php?redirect_to=%2Fmin-konto%2F" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" show less
Hacking
TPI-Abuse
2024-11-18 02:51:16
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 17 21:51:10.023290 2024] [security2:error] [pid 11211:tid 11211] [client 79.124.8.241:54758] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lonestaredgeworks.com"] [uri "/wp-config.php-bak"] [unique_id "ZzqrnoDfEE6idHZRZKV77gAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
nyuuzyou
2024-11-17 02:29:59
(2 weeks ago)
Intensive scraping: /web?s=%22When%20submitting%20information%20for%20use%20on%20this%20site%20we%20 ... show more Intensive scraping: /web?s=%22When%20submitting%20information%20for%20use%20on%20this%20site%20we%20ask%20that%20you%20follow%20the%20following%20suggestions%22&country=mt-mt&scraper=mojeek. User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 YaBrowser/22.7.0 Yowser/2.5 Safari/537.36. show less
Bad Web Bot
oncord
2024-11-16 17:19:37
(2 weeks ago)
Form spam
Web Spam
niceshops.com
2024-11-16 08:13:59
(3 weeks ago)
Web Attack ([16/Nov/2024:09:09:44 +0100] )
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-13 02:51:33
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 12 21:51:29.030606 2024] [security2:error] [pid 28912:tid 28912] [client 79.124.8.241:50318] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "glendaleheritage.org"] [uri "/wp-config.php_old2019"] [unique_id "ZzQUMYSAVeGMKhiavWRkJwAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-04 14:51:48
(1 month ago)
multiple unauthorized attempts at Sun, 03 Nov 2024 08:32:05 +0000 a total of 2 times.
Brute-Force
TPI-Abuse
2024-11-04 12:41:42
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 07:41:38.055332 2024] [security2:error] [pid 22808:tid 22808] [client 79.124.8.241:53004] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.krewt.com"] [uri "/.git/config"] [unique_id "ZyjBAlQkblZXlc5a5q3AfAAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-04 07:05:31
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 02:05:24.152818 2024] [security2:error] [pid 2088:tid 2088] [client 79.124.8.241:49630] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.joqlawncare.com"] [uri "/.git/config"] [unique_id "ZyhyNMVlLsckxxB1mYHFBgAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
niceshops.com
2024-11-03 17:30:14
(1 month ago)
Web Attack ([03/Nov/2024:18:30:02 +0100] )
Brute-Force
Bad Web Bot
Web App Attack
oncord
2024-11-02 08:04:02
(1 month ago)
Form spam
Web Spam
niceshops.com
2024-11-01 17:07:24
(1 month ago)
Web Attack ([01/Nov/2024:18:05:20 +0100] )
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-11-01 10:07:17
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot