TPI-Abuse
2025-01-23 06:16:33
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 23 01:16:26.250254 2025] [security2:error] [pid 4076366:tid 4076366] [client 216.24.213.40:52889] [client 216.24.213.40] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thetribehouse.com"] [uri "/css/wp-config.php"] [unique_id "Z5HeuidQwd_rSAUUqFVI1AAAAEc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-23 04:37:27
(2 weeks ago)
$f2bV_matches
Brute-Force
Web App Attack
Bensay
2025-01-22 22:05:59
(2 weeks ago)
[Wed Jan 22 23:05:59.144325 2025] [proxy_fcgi:error] [pid 3689441:tid 3689441] [client 216.24.213.40 ... show more [Wed Jan 22 23:05:59.144325 2025] [proxy_fcgi:error] [pid 3689441:tid 3689441] [client 216.24.213.40:60757] AH01071: Got error 'Primary script unknown'
[Wed Jan 22 23:05:59.204260 2025] [proxy_fcgi:error] [pid 3716834:tid 3716834] [client 216.24.213.40:61616] AH01071: Got error 'Primary script unknown'
... show less
Hacking
Bad Web Bot
Web App Attack
[email protected]
2025-01-22 04:32:33
(2 weeks ago)
Brute force 196 attempts
DDoS Attack
SQL Injection
Brute-Force
SSH
Apache
2025-01-22 03:40:32
(2 weeks ago)
(mod_security) mod_security (id:20000010) triggered by 216.24.213.40 (US/United States/-): 5 in the ... show more (mod_security) mod_security (id:20000010) triggered by 216.24.213.40 (US/United States/-): 5 in the last 300 secs show less
Brute-Force
Web App Attack
TPI-Abuse
2025-01-22 03:35:40
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 21 22:35:34.332987 2025] [security2:error] [pid 638967:tid 638967] [client 216.24.213.40:61418] [client 216.24.213.40] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ablg.net"] [uri "/css/wp-config.php"] [unique_id "Z5BnhhgPFucH3vHMt7NLswAAADk"] show less
Brute-Force
Bad Web Bot
Web App Attack
maxxsense
2025-01-22 02:01:12
(2 weeks ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 216.24.213.40 (US/United ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 216.24.213.40 (US/United States/-) show less
Port Scan
SysAdmin Dylan
2025-01-21 20:52:12
(2 weeks ago)
(CT) IP 216.24.213.40 (DE/Germany/-) found to have 295 connections; Ports: *; Direction: inout; Trig ... show more (CT) IP 216.24.213.40 (DE/Germany/-) found to have 295 connections; Ports: *; Direction: inout; Trigger: CT_LIMIT; Logs: show less
DDoS Attack
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-21 19:49:10
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 21 14:49:03.127148 2025] [security2:error] [pid 12064:tid 12064] [client 216.24.213.40:59104] [client 216.24.213.40] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "struver.net"] [uri "/css/wp-config.php"] [unique_id "Z4_6Lw7QVhiJpQakPlExmAAAACQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
backslash
2025-01-21 17:43:21
(2 weeks ago)
Web Spam
TPI-Abuse
2025-01-21 17:05:13
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 21 12:05:10.004265 2025] [security2:error] [pid 18015:tid 18015] [client 216.24.213.40:59694] [client 216.24.213.40] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "joshuarawlings.com"] [uri "/css/wp-config.php"] [unique_id "Z4_TxiJZxK8sot9Hs0oFwgAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-21 14:19:36
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 21 09:19:32.457592 2025] [security2:error] [pid 28430:tid 28430] [client 216.24.213.40:53145] [client 216.24.213.40] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pontiacpalace.com"] [uri "/css/wp-config.php"] [unique_id "Z4-s9G3tkjkSKNLDTmK8CQAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-17 21:35:15
(3 weeks ago)
wordpress-trap
Web App Attack
cmbplf
2025-01-17 11:02:47
(3 weeks ago)
5.897 4xx requests in 1 hour (4d2h9m)
Brute-Force
Bad Web Bot
TPI-Abuse
2025-01-17 07:57:26
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.24.213.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 17 02:57:23.259600 2025] [security2:error] [pid 2531964:tid 2531964] [client 216.24.213.40:58068] [client 216.24.213.40] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "diveron.com"] [uri "/css/wp-config.php"] [unique_id "Z4oNY20NSL2rtTfKLJ1u2QAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack