Anthony Trimble
2024-11-09 22:56:24
(2 months ago)
Probe for vulnerabilities. Path attempted: /wp-content/plugins/not/includes/about.php
Web App Attack
TPI-Abuse
2024-11-09 22:39:15
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.74.150.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 13.74.150.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 17:39:12.019220 2024] [security2:error] [pid 8134:tid 8134] [client 13.74.150.68:3239] [client 13.74.150.68] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "colakogluinsaat.net"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zy_kkKO7iSHBXZK8C0kGaAAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-09 22:19:58
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.74.150.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 13.74.150.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 17:19:52.817241 2024] [security2:error] [pid 12972:tid 12972] [client 13.74.150.68:1521] [client 13.74.150.68] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hollygrangenc.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zy_gCAaDPuRUPsMNhCcoZgAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
advena
2024-11-09 22:15:59
(2 months ago)
13.74.150.68 (AS8075 MICROSOFT-CORP-MSN-AS-BLOCK) was intercepted at 2024-11-09T22:12:52Z after viol ... show more 13.74.150.68 (AS8075 MICROSOFT-CORP-MSN-AS-BLOCK) was intercepted at 2024-11-09T22:12:52Z after violating WAF directive: 9ce4e284ff2a486aaa37d642bff5a079. Pre-cautionary/corrective action applied: block. show less
Web Spam
Hacking
Brute-Force
Web App Attack
S.O.B.A. Dev.
2024-11-09 22:15:30
(2 months ago)
Threat Blocked by BeeHive from (ASN:8075) (Network:MICROSOFT-CORP-MSN-AS-BLOCK) (Host:soba.dev) (Met ... show more Threat Blocked by BeeHive from (ASN:8075) (Network:MICROSOFT-CORP-MSN-AS-BLOCK) (Host:soba.dev) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2024-11-09T22:15:30Z) show less
Web Spam
Brute-Force
Web App Attack
mnsf
2024-11-09 22:08:14
(2 months ago)
Too many Status 40X (17)
Brute-Force
Web App Attack
Anonymous
2024-11-09 21:41:12
(2 months ago)
wordpress-trap
Web App Attack
COMAITE
2024-11-09 20:26:33
(2 months ago)
Multiple web server 400 error codes from same source ip 13.74.150.68.
Web App Attack
Anonymous
2024-11-09 20:24:00
(2 months ago)
(WPLOGIN) WP Login Attack 13.74.150.68 (IE/Ireland/-): 5 in the last 3600 secs; Ports: *; Direction: ... show more (WPLOGIN) WP Login Attack 13.74.150.68 (IE/Ireland/-): 5 in the last 3600 secs; Ports: *; Direction: 1 show less
Brute-Force
SSH
TPI-Abuse
2024-11-09 19:00:48
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.74.150.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 13.74.150.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 14:00:40.641219 2024] [security2:error] [pid 4428:tid 4442] [client 13.74.150.68:1651] [client 13.74.150.68] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magazineofwallstreet.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zy-xWDVxm2w_mGG6FwH82wAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Apache
2024-11-09 18:12:55
(2 months ago)
(mod_security) mod_security (id:20000010) triggered by 13.74.150.68 (IE/Ireland/-): 5 in the last 30 ... show more (mod_security) mod_security (id:20000010) triggered by 13.74.150.68 (IE/Ireland/-): 5 in the last 300 secs show less
Brute-Force
Web App Attack
Ba-Yu
2024-11-09 16:38:00
(2 months ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
TPI-Abuse
2024-11-09 16:22:00
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.74.150.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 13.74.150.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 11:21:53.356197 2024] [security2:error] [pid 31501:tid 31501] [client 13.74.150.68:2933] [client 13.74.150.68] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dwipapuri-abadi.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zy-MIZtYMLpHvxuyoAfS_AAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-09 16:11:32
(2 months ago)
(mod_security) mod_security triggered on hostname [redacted] 13.74.150.68 (IE/Ireland/-)
SQL Injection
Rizzy
2024-11-09 16:01:04
(2 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack