ds6.net
2024-11-21 03:51:43
(1 week ago)
Blocked by CSF Firewall. Reason: lfd: (mod_security) mod_security (id:210492) triggered by 149.248.1 ... show more Blocked by CSF Firewall. Reason: lfd: (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (US/United States/viet01.com): 5 in the last 3600 secs - Fri Nov 15 02:32:02 2024 show less
Hacking
TPI-Abuse
2024-11-17 03:57:19
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 16 22:57:14.340051 2024] [security2:error] [pid 10641:tid 10860] [client 149.248.13.173:53420] [client 149.248.13.173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jeanpaullederer.com"] [uri "/wp-config.php_cs-backup"] [unique_id "ZzlpmsULoRcsiYq7PvhAqgAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-15 15:43:28
(2 weeks ago)
(mod_security) mod_security triggered on hostname [redacted] 149.248.13.173 (US/United States/viet01 ... show more (mod_security) mod_security triggered on hostname [redacted] 149.248.13.173 (US/United States/viet01.com) show less
SQL Injection
TPI-Abuse
2024-11-15 04:37:34
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 23:37:31.360321 2024] [security2:error] [pid 21204:tid 21204] [client 149.248.13.173:50784] [client 149.248.13.173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "didactrend.com"] [uri "/wp-config.php_bckk"] [unique_id "ZzbQC-Oc4LekYYWWLuavSwAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
MSZ
2024-11-14 18:48:08
(2 weeks ago)
Blocked by Fail2Ban (plesk-modsecurity)
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-11-14 01:51:27
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 20:51:20.993382 2024] [security2:error] [pid 30488:tid 30497] [client 149.248.13.173:37524] [client 149.248.13.173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arizonasolutionsgroup.com"] [uri "/wp-config.php.bak"] [unique_id "ZzVXmJJa4lelucAWFi5ngwAAAMc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-13 23:37:50
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 18:37:43.113628 2024] [security2:error] [pid 16100:tid 16100] [client 149.248.13.173:43134] [client 149.248.13.173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "americanvaluesbooks.com"] [uri "/wp-config.php.zip"] [unique_id "ZzU4R0HMRSBwbL9_ndGqCwAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Ba-Yu
2024-11-13 18:28:31
(2 weeks ago)
WordPress hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
TPI-Abuse
2024-11-13 17:12:47
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 12:12:42.151618 2024] [security2:error] [pid 25524:tid 25524] [client 149.248.13.173:40646] [client 149.248.13.173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "radicalchange.org"] [uri "/wp-config.php_bak"] [unique_id "ZzTeCsPUwMSnqcKCuoGHEAAAACA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-13 15:34:31
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 10:34:23.720510 2024] [security2:error] [pid 19497:tid 19497] [client 149.248.13.173:33064] [client 149.248.13.173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nessmonsters.com"] [uri "/wp-config.php_cs-backup"] [unique_id "ZzTG_wzmrMI7MGjgOXd-hwAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-13 14:26:26
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 09:26:20.009820 2024] [security2:error] [pid 15001:tid 15036] [client 149.248.13.173:48674] [client 149.248.13.173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marilynoakes.com"] [uri "/wp-config.php_bak"] [unique_id "ZzS3DEdussN74PyrpQ74zwAAAJQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-13 12:15:22
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 07:15:17.669729 2024] [security2:error] [pid 4527:tid 4527] [client 149.248.13.173:33934] [client 149.248.13.173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "imbrasacademic.com"] [uri "/wp-config.php.old"] [unique_id "ZzSYVV-PEH90PHmes5cAogAAACc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Apache
2024-11-13 11:42:34
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 149.248.13.173 (US/United States/viet01.com): 5 ... show more (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (US/United States/viet01.com): 5 in the last 300 secs show less
Brute-Force
Web App Attack
TPI-Abuse
2024-11-13 08:48:58
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 03:48:53.878380 2024] [security2:error] [pid 14166:tid 14253] [client 149.248.13.173:45402] [client 149.248.13.173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chaoticperception.com"] [uri "/wp-config.php.bak"] [unique_id "ZzRn9Se81SwJJMhW9mUOqAAAAo0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-13 08:21:55
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 ... show more (mod_security) mod_security (id:210492) triggered by 149.248.13.173 (viet01.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 03:21:49.409814 2024] [security2:error] [pid 14708:tid 14708] [client 149.248.13.173:35726] [client 149.248.13.173] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "braunhausmedia.com"] [uri "/wp-config.php~"] [unique_id "ZzRhnVj9Oi8-zHI-23OlXgAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack