MAGIC
2024-09-08 22:05:25
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-08-30 15:37:44
(3 weeks ago)
Aggressive web scan
Web App Attack
diego
2024-08-10 23:23:04
(1 month ago)
Events: TCP SYN Discovery or Flooding, Seen 3 times in the last 10800 seconds
DDoS Attack
TPI-Abuse
2024-08-05 18:39:52
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): ... show more (mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 14:39:46.707583 2024] [security2:error] [pid 8220:tid 8220] [client 156.146.41.198:58843] [client 156.146.41.198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qcyprus.com"] [uri "/wp-config.php"] [unique_id "ZrEccrSub6ADoOTs77VAvgAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-05 12:37:08
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-08-05 06:42:57
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): ... show more (mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 02:42:50.883960 2024] [security2:error] [pid 9786:tid 9786] [client 156.146.41.198:61829] [client 156.146.41.198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "freemanfoundationcle.org"] [uri "/wp-config.php"] [unique_id "ZrB0aiBO-okzsKGH-txU5gAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-05 05:21:20
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): ... show more (mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 01:21:14.567104 2024] [security2:error] [pid 3928:tid 3928] [client 156.146.41.198:49471] [client 156.146.41.198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "usagreenrecycling.com"] [uri "/wp-config.php"] [unique_id "ZrBhSjjcWfl6IM_JThta8wAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-05 03:27:10
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): ... show more (mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 23:27:05.096254 2024] [security2:error] [pid 8840:tid 8840] [client 156.146.41.198:58089] [client 156.146.41.198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.surveyiowa.com"] [uri "/wp-config.php"] [unique_id "ZrBGiabar0xe-JxQUqJlDwAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-05 01:40:01
(1 month ago)
wordpress-trap
Web App Attack
polycoda
2024-08-04 10:55:00
(1 month ago)
Requests a ton of inexistent PHP scripts
Hacking
Web App Attack
openstrike.co.uk
2024-08-04 05:13:02
(1 month ago)
96 attacks on PHP URLs:
GET /maRR.php/Clouds25$$/ HTTP/1.1
Web App Attack
Mediashaker
2024-08-04 04:16:41
(1 month ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 156.146.41.198 (IT/Italy ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 156.146.41.198 (IT/Italy/unn-156-146-41-198.cdn77.com) show less
Port Scan
TPI-Abuse
2024-08-04 02:03:31
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): ... show more (mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 03 22:03:23.674905 2024] [security2:error] [pid 7896:tid 7896] [client 156.146.41.198:51278] [client 156.146.41.198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.srtalent.indie100.com"] [uri "/wp-config.php"] [unique_id "Zq7ha9TnZy7N39QQxlp6GQAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-03 10:19:47
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): ... show more (mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 03 06:19:42.762428 2024] [security2:error] [pid 31525:tid 31525] [client 156.146.41.198:61952] [client 156.146.41.198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.jsw4.net"] [uri "/wp-config.php"] [unique_id "Zq4EPmgRbtvZGVW0yqDCgwAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-03 09:33:05
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): ... show more (mod_security) mod_security (id:210492) triggered by 156.146.41.198 (unn-156-146-41-198.cdn77.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 03 05:32:59.197875 2024] [security2:error] [pid 31075:tid 31075] [client 156.146.41.198:53819] [client 156.146.41.198] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.brayantoursloscabos.com"] [uri "/wp-config.php"] [unique_id "Zq35S97-VgFII_anneVErAAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack