etu brutus
|
|
165.22.97.152 has been banned for [WebApp Attack]
...
|
Hacking
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 15 05:03:43.863358 2024] [security2:error] [pid 4201:tid 4201] [client 165.22.97.152:51274] [client 165.22.97.152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "reettaanttila.com"] [uri "/wp-config.php"] [unique_id "ZpTl75IoiORXuKdV2unQBAAAAAM"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 14 14:51:25.292623 2024] [security2:error] [pid 340:tid 47768515159808] [client 165.22.97.152:64668] [client 165.22.97.152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gilesrentalcars.com"] [uri "/wp-config.php"] [unique_id "ZpQeLepf5Plhf7uyLgut_AAAABQ"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
mnsf
|
|
Scanning/Probing (131)
Request Overload (2561)
|
Brute-Force
Web App Attack
|
|
Savvii
|
|
20 attempts against mh-misbehave-ban on redirect
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 14 07:02:14.543550 2024] [security2:error] [pid 32296] [client 165.22.97.152:65458] [client 165.22.97.152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rescuedpekes.aarce.me"] [uri "/wp-config.php"] [unique_id "ZpOwNsEjUf6z3i_zACrI9wAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
HoneyPotEU02
|
|
wordpress-trap
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 13 15:26:38.365007 2024] [security2:error] [pid 2032729] [client 165.22.97.152:64457] [client 165.22.97.152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "joukoji.ichi51e.net"] [uri "/wp-config.php"] [unique_id "ZpLU7tg_9QXdzDTJikTSZwAAAA8"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
zynex
|
|
URL Probing: /nf_tracking.php
|
Web App Attack
|
|
vlamke
|
|
[Sat Jul 13 08:21:10.046531 2024] [authz_core:error] [pid 416316:tid 140470629906176] [client 165.22 ... show more[Sat Jul 13 08:21:10.046531 2024] [authz_core:error] [pid 416316:tid 140470629906176] [client 165.22.97.152:53052] AH01630: client denied by server configuration: /var/www/clients/client1/web10/web/libraries/joomla
[Sat Jul 13 08:22:31.750807 2024] [authz_core:error] [pid 711792:tid 140470621513472] [client 165.22.97.152:55354] AH01630: client denied by server configuration: /var/www/clients/client1/web10/web/libraries/legacy
[Sat Jul 13 08:22:31.927816 2024] [authz_core:error] [pid 711792:tid 140470655084288] [client 165.22.97.152:55354] AH01630: client denied by server configuration: /var/www/clients/client1/web10/web/libraries/vendor/ show less
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 12 21:11:38.090988 2024] [security2:error] [pid 24294] [client 165.22.97.152:61912] [client 165.22.97.152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "markshvarts.com"] [uri "/wp-config.php"] [unique_id "ZpHUSrwQEFYrmdR3ptEAJAAAAA0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 12 20:05:49.228193 2024] [security2:error] [pid 1667507] [client 165.22.97.152:62100] [client 165.22.97.152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "addpromo.net"] [uri "/wp-config.php"] [unique_id "ZpHE3SjDzxLBo4OMLH1mJQAAABI"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Savvii
|
|
20 attempts against mh-misbehave-ban on redirect
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
HoneyPotEU02
|
|
wordpress-trap
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 165.22.97.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 12 03:13:51.631906 2024] [security2:error] [pid 18755] [client 165.22.97.152:59010] [client 165.22.97.152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leonardodecaprio.com"] [uri "/wp-config.php"] [unique_id "ZpDXr5PyFRqdKkxaAEKYVgAAAAI"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|