MAGIC
2024-07-20 00:07:40
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
hostseries
2024-07-10 17:12:06
(2 months ago)
Trigger: LF_MODSEC
Brute-Force
TPI-Abuse
2024-07-10 16:33:02
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 12:32:56.033705 2024] [security2:error] [pid 13765] [client 138.199.18.133:51872] [client 138.199.18.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.djdharma.com"] [uri "/wp-config.php"] [unique_id "Zo63uH0B8Lebwii_1BGwpAAAACc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-10 13:56:33
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 09:56:26.920049 2024] [security2:error] [pid 7197] [client 138.199.18.133:63396] [client 138.199.18.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.174"] [uri "/wp-config.php"] [unique_id "Zo6TCgFndEctfVTd29NyiQAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-10 13:39:01
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 09:38:56.957299 2024] [security2:error] [pid 15224] [client 138.199.18.133:57650] [client 138.199.18.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vincentmonaco.com"] [uri "/wp-config.php"] [unique_id "Zo6O8HHvx9qgPZbLNVqogwAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-10 11:16:52
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 07:16:45.581726 2024] [security2:error] [pid 22113] [client 138.199.18.133:61235] [client 138.199.18.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zodiacwin.com"] [uri "/wp-config.php"] [unique_id "Zo5tneoyaGgR11y_RzSZcQAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-10 10:34:32
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 06:34:27.240514 2024] [security2:error] [pid 21191] [client 138.199.18.133:57107] [client 138.199.18.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "northfortworthalliance.com"] [uri "/wp-config.php"] [unique_id "Zo5jsxP67CfU8F2VLDdtYQAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-07-10 10:12:30
(2 months ago)
Malicious activity detected
Hacking
Web App Attack
TPI-Abuse
2024-07-10 09:45:52
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 05:45:46.251568 2024] [security2:error] [pid 16849] [client 138.199.18.133:57939] [client 138.199.18.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "obss.us"] [uri "/wp-config.php"] [unique_id "Zo5YSuD3URFVuU66klX0VQAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-10 09:09:16
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 05:09:12.572651 2024] [security2:error] [pid 9467] [client 138.199.18.133:54276] [client 138.199.18.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stansco.com"] [uri "/wp-config.php"] [unique_id "Zo5PuDBSI-E84HQ_6ibjFQAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-07-10 08:09:10
(2 months ago)
Scanning/Probing (124)
Request Overload (2741)
Brute-Force
Web App Attack
TPI-Abuse
2024-07-10 06:06:14
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 02:06:07.897144 2024] [security2:error] [pid 13755] [client 138.199.18.133:54460] [client 138.199.18.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cnwire.com"] [uri "/wp-config.php"] [unique_id "Zo4kzwAWurKh3GobRfmRfAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-10 05:15:42
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.c ... show more (mod_security) mod_security (id:210492) triggered by 138.199.18.133 (unn-138-199-18-133.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 01:15:35.708621 2024] [security2:error] [pid 24829] [client 138.199.18.133:59291] [client 138.199.18.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "acworthga.us"] [uri "/wp-config.php"] [unique_id "Zo4Y94Amiio6V99lPxNPdQAAABs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-07-07 07:40:12
(2 months ago)
Unauthorized connection attempt detected in the last 24 hours
Hacking
Anonymous
2024-06-27 04:47:09
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH