w-e-c-l-o-u-d-i-t
2024-08-06 02:00:01
(2 months ago)
SPAM - Bruteforce Attack - DDOS 3
Email Spam
Brute-Force
TPI-Abuse
2024-08-05 23:30:14
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 19:30:10.204015 2024] [security2:error] [pid 2615:tid 2615] [client 134.209.105.214:49245] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "youthriskbehavior.banis-associates.com"] [uri "/wp-config.php"] [unique_id "ZrFggjLnGRT2eyicS6NEUQAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-08-05 23:11:25
(2 months ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-08-05 16:03:14
(2 months ago)
Scanning/Probing (98)
Request Overload (2322)
Brute-Force
Web App Attack
TPI-Abuse
2024-08-05 12:53:58
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 08:53:53.378277 2024] [security2:error] [pid 3355:tid 3355] [client 134.209.105.214:60234] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bayfieldwis.com"] [uri "/wp-config.php"] [unique_id "ZrDLYfUgE8s5vOATVB-FlwAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-05 12:23:33
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 08:23:25.345203 2024] [security2:error] [pid 1733944:tid 1733944] [client 134.209.105.214:62844] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grayhost.net"] [uri "/wp-config.php"] [unique_id "ZrDEPQLoM7LlkE4OIj_O-QAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-08-04 16:03:09
(2 months ago)
Scanning/Probing (98)
Request Overload (2322)
Brute-Force
Web App Attack
TPI-Abuse
2024-08-04 15:10:27
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 11:10:20.187977 2024] [security2:error] [pid 12447:tid 12453] [client 134.209.105.214:58378] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blog.coffeepiratewriters.com"] [uri "/wp-config.php"] [unique_id "Zq-Z3MbGmM_VTeQAY9xxhgAAAUQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-04 13:51:16
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 09:51:10.900934 2024] [security2:error] [pid 23431:tid 23542] [client 134.209.105.214:55420] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aapm.info.aafm.us"] [uri "/wp-config.php"] [unique_id "Zq-HTqUGNBa-1Oa_4TEq7AAAAQ4"] show less
Brute-Force
Bad Web Bot
Web App Attack
updown.io
2024-08-04 08:17:04
(2 months ago)
{"level":"info","ts":1722759407.9552639,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1722759407.9552639,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"134.209.105.214","remote_port":"63322","proto":"HTTP/1.1","method":"GET","host":"6rud.status.updown.io","uri":"/.well-known/about.php","headers":{"User-Agent":["fasthttp"]}},"user_id":"","duration":0.000042691,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://6rud.status.updown.io/.well-known/about.php"],"Content-Type":[]}}
{"level":"info","ts":1722759408.032161,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"134.209.105.214","remote_port":"63361","proto":"HTTP/1.1","method":"GET","host":"6rud.status.updown.io","uri":"/vendor/phpunit/phpunit/src/Util/PHP/","headers":{"User-Agent":["fasthttp"]}},"user_id":"","duration":0.000045667,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://6rud.status.updown.io/vendor/phpunit/phpunit/src/Util/PHP/
... show less
DDoS Attack
Web App Attack
zynex
2024-08-04 07:38:02
(2 months ago)
URL Probing: /sx.php
Web App Attack
Anonymous
2024-08-04 04:21:01
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-08-04 01:41:17
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 03 21:41:09.739088 2024] [security2:error] [pid 8963:tid 8963] [client 134.209.105.214:59177] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "slusarczyk.com"] [uri "/wp-config.php"] [unique_id "Zq7cNflJDfAi7sK7FoyQ3AAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-03 18:07:06
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 03 14:07:03.069548 2024] [security2:error] [pid 14475:tid 14475] [client 134.209.105.214:64970] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "egret.us"] [uri "/wp-config.php"] [unique_id "Zq5xxx4v5U3qHIfraBn1oAAAACA"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-08-03 15:05:09
(2 months ago)
Scanning/Probing (98)
Request Overload (2322)
Brute-Force
Web App Attack