TPI-Abuse
2024-11-08 22:34:53
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 45.92.229.43 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.92.229.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 08 17:34:38.800106 2024] [security2:error] [pid 14858:tid 14858] [client 45.92.229.43:27887] [client 45.92.229.43] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.10"] [uri "/.env"] [unique_id "Zy6R_k7rJbDHqLc_YN4QDwAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 15:37:17
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.92.229.43 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.92.229.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 11:37:12.390885 2024] [security2:error] [pid 7946:tid 7946] [client 45.92.229.43:12255] [client 45.92.229.43] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abilityengraving.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "ZtCVqNXPhvnjX7GnntD7GQAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
Jim Keir
2024-08-28 12:53:24
(3 months ago)
2024-08-28 12:53:23 45.92.229.43 File scanning, blocking 45.92.229.43 for 5 minutes
Web App Attack
TPI-Abuse
2024-08-28 11:53:53
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.92.229.43 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.92.229.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 07:53:46.017551 2024] [security2:error] [pid 3703:tid 3720] [client 45.92.229.43:3849] [client 45.92.229.43] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.brucejoell.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "Zs8PyqBnZ-IzoMU3BU_0OgAAAIs"], referer: http://brucejoell.com/wp-content/plugins/wp-config.php show less
Brute-Force
Bad Web Bot
Web App Attack
Mendip_Defender
2024-08-28 03:23:45
(3 months ago)
45.92.229.43 - - [28/Aug/2024:04:23:46 +0100] "GET /assets/dropdown.php HTTP/1.0" 404 1047 "-" "Go-h ... show more 45.92.229.43 - - [28/Aug/2024:04:23:46 +0100] "GET /assets/dropdown.php HTTP/1.0" 404 1047 "-" "Go-http-client/1.1"
45.92.229.43 - - [28/Aug/2024:04:23:46 +0100] "GET /wp-content/themes/travel/issue.phpp HTTP/1.0" 404 1047 "-" "Go-http-client/1.1"
... show less
Hacking
Web App Attack
Anonymous
2024-08-28 03:02:30
(3 months ago)
wordpress-trap
Web App Attack
Apache
2024-08-27 22:35:25
(3 months ago)
(mod_security) mod_security (id:20000010) triggered by 45.92.229.43 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:20000010) triggered by 45.92.229.43 (US/United States/-): 5 in the last 300 secs show less
Brute-Force
Web App Attack
TPI-Abuse
2024-08-26 17:46:53
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.92.229.43 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.92.229.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 13:46:44.801367 2024] [security2:error] [pid 21658:tid 21658] [client 45.92.229.43:3167] [client 45.92.229.43] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3penguinsdesign.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "Zsy_hADhlc08tI_PLulPdQAAADI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-25 21:36:45
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.92.229.43 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.92.229.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 25 17:36:39.282758 2024] [security2:error] [pid 2872:tid 2872] [client 45.92.229.43:56285] [client 45.92.229.43] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dalessalesandservice.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "Zsuj5_850kklWvo1Hx-wWAAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-23 22:45:28
(3 months ago)
wordpress-trap
Web App Attack
Anonymous
2024-08-22 00:08:45
(3 months ago)
wordpress-trap
Web App Attack
4server
2024-08-21 12:56:17
(3 months ago)
[WedAug2114:53:41.1832472024][security2:error][pid2266684:tid2266717][client45.92.229.43:0][client45 ... show more [WedAug2114:53:41.1832472024][security2:error][pid2266684:tid2266717][client45.92.229.43:0][client45.92.229.43]ModSecurity:Accessdeniedwithcode500\(phase2\).Patternmatch\"\(\?:perl.\*\\\\\\\\.pl\(\\\\\\\\s\|\\\\\\\\t\)\*\\\\\\\\\;\|\\\\\\\\\;\(\\\\\\\\s\|\\\\\\\\t\)\*perl.\*\\\\\\\\.pl\|perl\(\?:xpl\\\\\\\\.pl\|kut\|viewde\|httpd\\\\\\\\.txt\)\|\\\\\\\\./xkernel\\\\\\\\\;\|/kaiten\\\\\\\\.c\|/mampus\\\\\\\\\?\ show less
Port Scan
Brute-Force
Web App Attack
URAN Publishing Service
2024-08-21 04:06:35
(3 months ago)
45.92.229.43 - - [21/Aug/2024:07:06:32 +0300] "GET /cgi-bin/wp-2019.php HTTP/1.1" 404 437 "-" "Go-ht ... show more 45.92.229.43 - - [21/Aug/2024:07:06:32 +0300] "GET /cgi-bin/wp-2019.php HTTP/1.1" 404 437 "-" "Go-http-client/1.1"
45.92.229.43 - - [21/Aug/2024:07:06:32 +0300] "GET /wp-content/ice.php HTTP/1.1" 404 274 "-" "Go-http-client/1.1"
... show less
Web App Attack
Anonymous
2024-08-21 03:33:59
(3 months ago)
wordpress-trap
Web App Attack
mnsf
2024-08-21 01:08:22
(3 months ago)
Scanning/Probing (15)
Request Overload (448)
Brute-Force
Web App Attack