TPI-Abuse
2024-11-18 04:01:03
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 157.245.147.135 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 157.245.147.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 17 23:00:57.817079 2024] [security2:error] [pid 13936:tid 13936] [client 157.245.147.135:55997] [client 157.245.147.135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naturalpozzolanassociation.org"] [uri "/wp-config.php"] [unique_id "Zzq7-Q8zekpLQdv5HAVqjwAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-17 15:26:41
(2 weeks ago)
Fail2Ban apache-noscript
Bad Web Bot
URAN Publishing Service
2024-11-16 08:33:11
(2 weeks ago)
157.245.147.135 - - [16/Nov/2024:10:33:09 +0200] "GET /wp-content/plugins/ HTTP/1.1" 404 279 "-" "fa ... show more 157.245.147.135 - - [16/Nov/2024:10:33:09 +0200] "GET /wp-content/plugins/ HTTP/1.1" 404 279 "-" "fasthttp"
... show less
Web App Attack
URAN Publishing Service
2024-11-15 19:19:22
(3 weeks ago)
157.245.147.135 - - [15/Nov/2024:21:19:20 +0200] "GET /wp-content/plugins/ HTTP/1.1" 404 279 "-" "fa ... show more 157.245.147.135 - - [15/Nov/2024:21:19:20 +0200] "GET /wp-content/plugins/ HTTP/1.1" 404 279 "-" "fasthttp"
157.245.147.135 - - [15/Nov/2024:21:19:21 +0200] "GET /wp-content/ HTTP/1.1" 404 279 "-" "fasthttp"
... show less
Web App Attack
Anonymous
2024-11-15 05:12:22
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-12 15:11:04
(3 weeks ago)
wordpress-trap
Web App Attack
TPI-Abuse
2024-11-12 07:15:17
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 157.245.147.135 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 157.245.147.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 12 02:15:09.865747 2024] [security2:error] [pid 18676:tid 18676] [client 157.245.147.135:56311] [client 157.245.147.135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "designersdock.com"] [uri "/wp-config.php"] [unique_id "ZzMAfVOdCnwNpmF3lDUuKwAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
Mediashaker
2024-11-12 02:55:45
(3 weeks ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 157.245.147.135 (SG/Sing ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 157.245.147.135 (SG/Singapore/-) show less
Port Scan
Anonymous
2024-11-12 01:24:12
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
mnsf
2024-11-11 23:04:12
(3 weeks ago)
Scanning/Probing (92)
Request Overload (2118)
Brute-Force
Web App Attack
hostseries
2024-11-11 16:07:05
(3 weeks ago)
Trigger: LF_MODSEC
Brute-Force
Anonymous
2024-11-11 15:58:53
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_APACHE_403
Brute-Force
SSH
cmbplf
2024-11-11 11:36:17
(3 weeks ago)
266 requests to */.well-known/pki-validation/*.php
Brute-Force
Bad Web Bot
Anonymous
2024-11-11 09:07:00
(3 weeks ago)
wordpress-trap
Web App Attack