TPI-Abuse
2024-11-03 18:50:16
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 13:50:11.512703 2024] [security2:error] [pid 23232:tid 23232] [client 13.79.146.150:3098] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "telesto.pe"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "ZyfF45_TC91tLoh7Y3cB-AAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
strefapi_com
2024-11-03 18:28:49
(2 months ago)
Brute-force web
...
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-11-03 18:24:11
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 13:24:04.580684 2024] [security2:error] [pid 12082:tid 12082] [client 13.79.146.150:2097] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.designamb.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zye_xLWhCTrQg0CVutz3TwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Apache
2024-11-03 18:13:10
(2 months ago)
(mod_security) mod_security (id:20000010) triggered by 13.79.146.150 (IE/Ireland/-): 5 in the last 3 ... show more (mod_security) mod_security (id:20000010) triggered by 13.79.146.150 (IE/Ireland/-): 5 in the last 300 secs show less
Brute-Force
Web App Attack
mnsf
2024-11-03 18:06:10
(2 months ago)
Too many Status 40X (19)
Brute-Force
Web App Attack
2000cn.com.au
2024-11-03 18:04:15
(2 months ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Hacking
Web App Attack
hostseries
2024-11-03 17:50:17
(2 months ago)
Trigger: LF_MODSEC
Brute-Force
TPI-Abuse
2024-11-03 17:39:06
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 12:38:59.032995 2024] [security2:error] [pid 29978:tid 29978] [client 13.79.146.150:3010] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.crescentcitycafe.org"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zye1MzUb4brmjlxN6TrRhwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Burayot
2024-11-03 17:13:47
(2 months ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 13.79.146.150 (IE/Ireland/-): 1 in t ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 13.79.146.150 (IE/Ireland/-): 1 in the last 3600 secs show less
Web App Attack
TPI-Abuse
2024-11-03 17:12:17
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 12:12:09.494376 2024] [security2:error] [pid 3504669:tid 3504669] [client 13.79.146.150:1554] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "redtowndesign.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zyeu6fkaUMEMA1Yf9BWiBAAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
FeG Deutschland
2024-11-03 17:12:01
(2 months ago)
Looking for CMS/PHP/SQL vulnerablilities - 13
Exploited Host
Web App Attack
Rizzy
2024-11-03 16:59:03
(2 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
cmbplf
2024-11-03 16:57:45
(2 months ago)
34.988 requests in 1 hour (1d59m59s)
Brute-Force
Bad Web Bot
TPI-Abuse
2024-11-03 16:55:56
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 11:55:49.318302 2024] [security2:error] [pid 30505:tid 30505] [client 13.79.146.150:4324] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jackkerrart.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "ZyerFSUpPwbKu2IMUMIJywAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-03 16:39:04
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 13.79.146.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 03 11:38:59.919229 2024] [security2:error] [pid 31059:tid 31059] [client 13.79.146.150:1689] [client 13.79.146.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "explorediablo.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "ZyenI_gU_1KBgIL-SZXNxQAAACU"] show less
Brute-Force
Bad Web Bot
Web App Attack