Anonymous
2024-08-16 10:06:56
(3 weeks ago)
wordpress-trap
Web App Attack
TPI-Abuse
2024-08-16 04:31:02
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 16 00:30:58.739863 2024] [security2:error] [pid 5284:tid 5284] [client 134.209.105.214:54885] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "epicjellyfish.com"] [uri "/wp-config.php"] [unique_id "Zr7WAtworEGnpUw-koxLigAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
zynex
2024-08-16 01:45:26
(4 weeks ago)
URL Probing: /click.php
Web App Attack
Anonymous
2024-08-16 01:30:56
(4 weeks ago)
wordpress-trap
Web App Attack
Savvii
2024-08-15 03:23:43
(4 weeks ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
updown.io
2024-08-15 00:08:23
(4 weeks ago)
{"level":"info","ts":1723680487.409002,"logger":"http.log.access.log0","msg":"handled request","requ ... show more {"level":"info","ts":1723680487.409002,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"134.209.105.214","remote_port":"53561","client_ip":"134.209.105.214","proto":"HTTP/1.1","method":"GET","host":"otwh.status.updown.io","uri":"/.well-known/about.php","headers":{"User-Agent":["fasthttp"]}},"bytes_read":0,"user_id":"","duration":0.000043613,"size":0,"status":308,"resp_headers":{"Location":["https://otwh.status.updown.io/.well-known/about.php"],"Content-Type":[],"Server":["Caddy"],"Connection":["close"]}}
{"level":"info","ts":1723680487.6518776,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"134.209.105.214","remote_port":"53713","client_ip":"134.209.105.214","proto":"HTTP/1.1","method":"GET","host":"otwh.status.updown.io","uri":"/vendor/phpunit/phpunit/src/Util/PHP/","headers":{"User-Agent":["fasthttp"]}},"bytes_read":0,"user_id":"","duration":0.000041289,"size":0,"status":308,"resp_headers":{"Location":["https://otwh.statu
... show less
DDoS Attack
Web App Attack
TPI-Abuse
2024-08-14 05:32:58
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 14 01:32:54.228875 2024] [security2:error] [pid 5943:tid 5943] [client 134.209.105.214:63068] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aticom.net"] [uri "/wp-config.php"] [unique_id "ZrxBhqHdm77W2zRNZIVcFgAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-14 04:50:31
(4 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_APACHE_403
Brute-Force
SSH
TPI-Abuse
2024-08-14 00:44:48
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 13 20:44:43.707736 2024] [security2:error] [pid 813478:tid 813478] [client 134.209.105.214:57216] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "portcitybluessociety.com"] [uri "/wp-config.php"] [unique_id "Zrv9-6IDbqf2g-OnJjyRJwAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-13 03:02:53
(1 month ago)
wordpress-trap
Web App Attack
Anonymous
2024-08-12 17:09:54
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Savvii
2024-08-12 11:07:27
(1 month ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-11 23:38:53
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 19:38:45.641527 2024] [security2:error] [pid 8684:tid 8684] [client 134.209.105.214:61273] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "informativearticles.com"] [uri "/wp-config.php"] [unique_id "ZrlLhQW36mzbDyqLFrEMSgAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-11 09:10:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 05:10:13.956932 2024] [security2:error] [pid 10356:tid 10356] [client 134.209.105.214:49883] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tcr.us"] [uri "/wp-config.php"] [unique_id "Zrh_9Ua_4WbhBERyNELbJwAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-11 03:54:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 23:54:09.354037 2024] [security2:error] [pid 6242:tid 6242] [client 134.209.105.214:57104] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ez1productions.com"] [uri "/wp-config.php"] [unique_id "Zrg14ZkVhG0ck-1S9kT8ZwAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack