TPI-Abuse
2024-11-20 21:35:29
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 20 16:35:22.004025 2024] [security2:error] [pid 22600:tid 22600] [client 139.59.246.214:50557] [client 139.59.246.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eye7graphics.com"] [uri "/wp-config.php"] [unique_id "Zz5WGphdMMqIonRh02JpXwAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-20 20:53:20
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 20 15:53:17.476371 2024] [security2:error] [pid 17003:tid 17003] [client 139.59.246.214:54703] [client 139.59.246.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "exresearch.com"] [uri "/wp-config.php"] [unique_id "Zz5MPQNjcK9eksGyI8lADQAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
expandmade.com
2024-11-20 20:12:16
(1 week ago)
trolling for resource vulnerabilities [20/Nov/2024:20:12:16 "GET /wp-content/plugins/newsfeed/bbh.ph ... show more trolling for resource vulnerabilities [20/Nov/2024:20:12:16 "GET /wp-content/plugins/newsfeed/bbh.php"] show less
Web App Attack
TPI-Abuse
2024-11-20 18:45:40
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 20 13:45:34.245701 2024] [security2:error] [pid 14930:tid 14930] [client 139.59.246.214:59850] [client 139.59.246.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eventsetcinc.com"] [uri "/wp-config.php"] [unique_id "Zz4uTnD6u_xDu97gle0p3AAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-20 08:26:13
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 20 03:26:05.857327 2024] [security2:error] [pid 32424:tid 32460] [client 139.59.246.214:56030] [client 139.59.246.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eliteattorneys.com"] [uri "/wp-config.php"] [unique_id "Zz2dHcdiemNWXyOkPbX5EQAAAcc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-20 07:57:05
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 20 02:57:00.323011 2024] [security2:error] [pid 24012:tid 24012] [client 139.59.246.214:63310] [client 139.59.246.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "californiarhythmproject.org"] [uri "/wp-config.php"] [unique_id "Zz2WTLNwPW97ibwYElk5kQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-18 21:58:52
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 18 16:58:49.172468 2024] [security2:error] [pid 32555:tid 32555] [client 139.59.246.214:58214] [client 139.59.246.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shaunthomas.com"] [uri "/wp-config.php"] [unique_id "Zzu4mVaKzemQA8gvmShQGgAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Mendip_Defender
2024-11-17 07:55:05
(2 weeks ago)
139.59.246.214 - - [17/Nov/2024:07:55:11 +0000] "GET /.well-known/wincust.php HTTP/1.0" 404 1047 "-" ... show more 139.59.246.214 - - [17/Nov/2024:07:55:11 +0000] "GET /.well-known/wincust.php HTTP/1.0" 404 1047 "-" "fasthttp"
139.59.246.214 - - [17/Nov/2024:07:55:11 +0000] "GET /wp-content/themes/newsfeed-theme/newsfeed.php HTTP/1.0" 404 1047 "-" "fasthttp"
... show less
Hacking
Web App Attack
TPI-Abuse
2024-11-16 19:52:04
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 16 14:51:58.293209 2024] [security2:error] [pid 18592:tid 18592] [client 139.59.246.214:58838] [client 139.59.246.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beechleafdesign.com"] [uri "/wp-config.php"] [unique_id "Zzj33sUg76p1xiaNcN7JYwAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-15 08:50:19
(2 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
hostseries
2024-11-15 06:06:17
(2 weeks ago)
Trigger: LF_MODSEC
Brute-Force
TPI-Abuse
2024-11-14 11:06:41
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 06:06:34.599824 2024] [security2:error] [pid 27520:tid 27520] [client 139.59.246.214:51529] [client 139.59.246.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "acquivest.net"] [uri "/wp-config.php"] [unique_id "ZzXZutFqPIaEwKPa7sZZ3AAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-14 05:54:07
(2 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-11-13 19:27:36
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 14:27:30.396658 2024] [security2:error] [pid 12742:tid 12742] [client 139.59.246.214:57800] [client 139.59.246.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "97201.com"] [uri "/wp-config.php"] [unique_id "ZzT9onyDxcniiNV4M5bjowAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-13 10:30:10
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 139.59.246.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 05:30:05.362841 2024] [security2:error] [pid 3679:tid 3679] [client 139.59.246.214:52989] [client 139.59.246.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "21north.com"] [uri "/wp-config.php"] [unique_id "ZzR_rWlnkxD3z48E0DGgLAAAABU"] show less
Brute-Force
Bad Web Bot
Web App Attack