๐บ๐ธ
TPI-Abuse
2025-10-27 12:45:34
(8 months ago)
(mod_security) mod_security (id:210492) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 27 08:45:26.172445 2025] [security2:error] [pid 24916:tid 24916] [client 82.211.8.190:49997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "renjunews.com"] [uri "/wp-config.php.bak"] [unique_id "aP9pZgLMgBQQiyx_bNjEFwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
rtbh.com.tr
2025-10-26 20:09:34
(8 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐น๐ท
rtbh.com.tr
2025-10-26 00:09:34
(8 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐น๐ท
rtbh.com.tr
2025-10-25 20:09:33
(8 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐ฉ๐ช
ghostwarriors
2025-10-25 01:20:08
(8 months ago)
Attempts against non-existent wp-login
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-24 01:45:22
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 23 21:45:19.089559 2025] [security2:error] [pid 9970:tid 9970] [client 82.211.8.190:9155] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||gonzalovaralla.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "gonzalovaralla.com"] [uri "/backup/gonzalovaralla.sql"] [unique_id "aPraL05gtbdnm-chxEHL4QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-23 22:34:51
(8 months ago)
(mod_security) mod_security (id:210492) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 23 18:34:45.837268 2025] [security2:error] [pid 26748:tid 26748] [client 82.211.8.190:35363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marijuanajoint.com"] [uri "/wp-config.php~"] [unique_id "aPqthejjzhr4nWUbNlh3qAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-23 22:03:39
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 23 18:03:33.438612 2025] [security2:error] [pid 27973:tid 27973] [client 82.211.8.190:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||eddysgroup.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eddysgroup.com"] [uri "/dump.sql"] [unique_id "aPqmNVpWUTbynECwq1jVcwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-10-21 16:15:56
(8 months ago)
2025-10-21T18:15:55.876989+02:00 zanati wp(www.sahpa.co.za)[219331]: Blocked authentication attempt ...
show more
2025-10-21T18:15:55.876989+02:00 zanati wp(www.sahpa.co.za)[219331]: Blocked authentication attempt for [email protected] from 82.211.8.190
...
show less
Web App Attack
Anonymous
2025-10-17 19:39:40
(8 months ago)
wordpress-trap
Web App Attack
๐ฎ๐ฉ
Burayot
2025-10-17 19:01:25
(8 months ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 82.211.8.190 (DE/Germany/-): 2 in th ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 82.211.8.190 (DE/Germany/-): 2 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-17 01:58:05
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 16 21:57:58.463106 2025] [security2:error] [pid 10531:tid 10531] [client 82.211.8.190:58201] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||macro-astrology.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "macro-astrology.com"] [uri "/wp-content/uploads/sql.sql"] [unique_id "aPGipukHEmX-4lXq0GKxtQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-12 23:26:26
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 82.211.8.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 12 19:26:20.059789 2025] [security2:error] [pid 3162:tid 3162] [client 82.211.8.190:65041] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||sharawi-gum.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sharawi-gum.com"] [uri "/backups.sql"] [unique_id "aOw5HAWx7Py6E8kgZ4stMAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2025-10-12 13:39:30
(8 months ago)
20 attempts against mh_ha-misbehave-ban on iron
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-10-07 16:01:44
(8 months ago)
wordpress-trap
Web App Attack