Anonymous
2024-11-04 00:01:52
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MAGIC
2024-11-04 00:01:33
(2 months ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
WebpodsLLC
2024-11-03 23:28:56
(2 months ago)
(mod_security) mod_security (id:14203) triggered by 13.79.146.150 (IE/Ireland/-): 3 in the last 3600 ... show more (mod_security) mod_security (id:14203) triggered by 13.79.146.150 (IE/Ireland/-): 3 in the last 3600 secs; Ports: *; Direction: 0; Trigger: LF_MODSEC; show less
Port Scan
Brute-Force
Web App Attack
TPI-Abuse
2024-11-03 23:28:00
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 18:27:53.969912 2024] [security2:error] [pid 29032:tid 29032] [client 13.79.146.150:2824] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pbhomesinc.net"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "ZygG-dURphQ-pdLbj2EQwgAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
LRob.fr
2024-11-03 23:15:06
(2 months ago)
Repeated 403 errors, blocked by Fail2ban in custom-403 jail
Bad Web Bot
TPI-Abuse
2024-11-03 23:05:17
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 18:05:12.235989 2024] [security2:error] [pid 23356:tid 23356] [client 13.79.146.150:3735] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mavikalem.org"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "ZygBqIqFwdvMWE4tBzSqtgAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-03 22:47:15
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 17:47:12.773029 2024] [security2:error] [pid 1436:tid 1436] [client 13.79.146.150:1344] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ventivhealthcare.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zyf9cKar7cYpjbffWnKtHAAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-03 21:46:22
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 16:46:16.230269 2024] [security2:error] [pid 4505:tid 4505] [client 13.79.146.150:4842] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.acworthga.us"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "ZyfvKNfvZ4w9ZOTkg-FduQAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-03 21:13:41
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 16:13:36.657421 2024] [security2:error] [pid 17259:tid 17259] [client 13.79.146.150:5225] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kshooper.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "ZyfngK8mO6Ipz5385ovj2wAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
jormaster3k
2024-11-03 21:04:58
(2 months ago)
Attack against Apache (too many 404s)
Web App Attack
TPI-Abuse
2024-11-03 20:44:35
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 15:44:29.584647 2024] [security2:error] [pid 4398:tid 4398] [client 13.79.146.150:5846] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ballantinepaintinganddrywall.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "ZyfgrdAPwCpfe_QPhLoa4QAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-03 20:24:11
(2 months ago)
Open Source CMS Configuration File Requests
Hacking
Brute-Force
TPI-Abuse
2024-11-03 20:07:57
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 15:07:50.239391 2024] [security2:error] [pid 2278:tid 2293] [client 13.79.146.150:3481] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "woadwellness.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "ZyfYFgzzEyenna1u2HboWgAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-03 19:57:04
(2 months ago)
Fail2Ban apache-noscript
Bad Web Bot
TPI-Abuse
2024-11-03 19:17:37
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 14:17:32.148363 2024] [security2:error] [pid 15747:tid 15783] [client 13.79.146.150:3001] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ayubhamdardfoundation.org"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "ZyfMTD9OBLFwJdTPh9-xEQAAAYU"] show less
Brute-Force
Bad Web Bot
Web App Attack