TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 ... show more(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 12 03:17:24.481123 2024] [security2:error] [pid 3687:tid 3758] [client 45.8.148.214:53074] [client 45.8.148.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "truthjusticecommission.com"] [uri "/wp-config.php"] [unique_id "Zrm3BLo34eBzPj5EQcaSaAAAA00"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 ... show more(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 20:49:59.523934 2024] [security2:error] [pid 20749:tid 20749] [client 45.8.148.214:63135] [client 45.8.148.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "westonfamily.org"] [uri "/wp-config.php"] [unique_id "ZrlcN3s2Dp-67sAr6d_gmQAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
COMAITE
|
|
Multiple web server 400 error codes from same source ip 45.8.148.214.
|
Web App Attack
|
|
zynex
|
|
URL Probing: /wp-cXjq2.php
|
Web App Attack
|
|
Anonymous
|
|
$f2bV_matches
|
Brute-Force
Web App Attack
|
|
Anonymous
|
|
wordpress-trap
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 ... show more(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 03:54:34.927785 2024] [security2:error] [pid 15910:tid 15910] [client 45.8.148.214:57020] [client 45.8.148.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.vincentbrown.me"] [uri "/wp-config.php"] [unique_id "ZrccumTQKqJgWEoaeBuOAAAAAAY"], referer: http://vincentbrown.com/wp-config.php show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
mnsf
|
|
Too many Status 40X (365)
Scanning/Probing (26)
Request Overload (805)
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 ... show more(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 20:27:52.996046 2024] [security2:error] [pid 17672:tid 17672] [client 45.8.148.214:57618] [client 45.8.148.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "voiceprojoe.com"] [uri "/wp-config.php"] [unique_id "Zra0CJYQoIaAVoGBW-GZzQAAAAI"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 ... show more(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 18:52:30.862787 2024] [security2:error] [pid 27216:tid 27216] [client 45.8.148.214:57480] [client 45.8.148.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "proprocessor.com"] [uri "/wp-config.php"] [unique_id "Zradrk7LYYxjanM4C_bPfAAAAAQ"], referer: http://venisonsausageprocessing.com/wp-config.php show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 ... show more(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 05:29:09.681575 2024] [security2:error] [pid 18749:tid 18749] [client 45.8.148.214:51565] [client 45.8.148.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.voodooshop.com"] [uri "/wp-config.php"] [unique_id "ZrXhZQcLAHBA4qFHlKFRUQAAABw"], referer: http://voodooauthentica.com/wp-config.php show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 ... show more(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 21:10:05.188067 2024] [security2:error] [pid 17438:tid 17438] [client 45.8.148.214:58313] [client 45.8.148.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wisdomwfm.com"] [uri "/wp-config.php"] [unique_id "ZrVsbb5XstV9Mv3ZZ9802QAAABY"], referer: http://wisdomopolis.com/wp-config.php show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 ... show more(mod_security) mod_security (id:210492) triggered by 45.8.148.214 (vmi2000740.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 17:37:51.929887 2024] [security2:error] [pid 11994:tid 11994] [client 45.8.148.214:56406] [client 45.8.148.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "windermerewatch2.com"] [uri "/wp-config.php"] [unique_id "ZrU6r1Y1RCWpEWVFIozG8AAAAAQ"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
wordpress-trap
|
Web App Attack
|
|
URAN Publishing Service
|
|
45.8.148.214 - - [05/Aug/2024:18:55:04 +0300] "GET /cgi-bin/inputs.php HTTP/1.1" 404 441 "-" "Mozill ... show more45.8.148.214 - - [05/Aug/2024:18:55:04 +0300] "GET /cgi-bin/inputs.php HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36"
... show less
|
Web App Attack
|
|