TPI-Abuse
2024-11-08 22:34:55
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 45.92.229.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.92.229.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 08 17:34:41.953032 2024] [security2:error] [pid 19107:tid 19107] [client 45.92.229.49:26053] [client 45.92.229.49] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.21"] [uri "/.env"] [unique_id "Zy6SAfoVHf77mYfFIR54mAAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
bigorre.org
2024-10-22 13:55:15
(1 month ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
Anonymous
2024-09-19 04:41:01
(2 months ago)
Malicious activity detected
Hacking
Web App Attack
london2038.com
2024-08-30 14:59:18
(3 months ago)
Too many failed requests
45.92.229.49 - - [30/Aug/2024:16:57:28 +0200] "GET /xmrlpc.php HTTP/2 ... show more Too many failed requests
45.92.229.49 - - [30/Aug/2024:16:57:28 +0200] "GET /xmrlpc.php HTTP/2.0" 404 38871 "http://<REDACTED>/xmrlpc.php" "Go-http-client/2.0"
45.92.229.49 - - [30/Aug/2024:16:57:29 +0200] "GET /alfa-rex.php56 HTTP/2.0" 404 38873 "http://<REDACTED>/alfa-rex.php56" "Go-http-client/2.0"
45.92.229.49 - - [30/Aug/2024:16:57:30 +0200] "GET /ioxi002.PhP7 HTTP/2.0" 404 38873 "http://<REDACTED>/ioxi002.PhP7" "Go-http-client/2.0"
45.92.229.49 - - [30/Aug/2024:16:57:42 +0200] "GET /css/ HTTP/2.0" 404 38873 "https://<REDACTED>/css/index.php" "Go-http-client/2.0"
45.92.229.49 - - [30/Aug/2024:16:57:48 +0200] "GET /upload.php HTTP/2.0" 404 38873 "http://<REDACTED>/upload.php" "Go-http-client/2.0"
45.92.229.49 - - [30/Aug/2024:16:57:59 +0200] "GET /themes.php? HTTP/2.0" 404 38872 "http://<REDACTED>/themes.php?" "Go-http-client/2.0"
45.92.229.49 - - [30/Aug/2024:16:58:25 +0200] "GET /cjfuns.php HTTP/2.0" 404 38873 "http://<REDACTED>/cjfuns.php" "Go-http-client/2.0"
45.92.229.49 - - [30/Aug/2024:16:58:26
... show less
Web Spam
Bad Web Bot
TPI-Abuse
2024-08-29 15:25:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.92.229.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.92.229.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 11:25:31.562073 2024] [security2:error] [pid 28712:tid 28712] [client 45.92.229.49:64779] [client 45.92.229.49] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abilityimprinting.com"] [uri "/wp-config.php"] [unique_id "ZtCS68psHOhWC9w17WEpPAAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Jim Keir
2024-08-28 12:52:26
(3 months ago)
2024-08-28 12:52:25 45.92.229.49 File scanning, blocking 45.92.229.49 for 5 minutes
Web App Attack
Jim Keir
2024-08-28 11:20:08
(3 months ago)
2024-08-28 11:20:07 45.92.229.49 File scanning, blocking 45.92.229.49 for 5 minutes
Web App Attack
TPI-Abuse
2024-08-28 09:00:53
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.92.229.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.92.229.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 05:00:48.648744 2024] [security2:error] [pid 25039:tid 25039] [client 45.92.229.49:31897] [client 45.92.229.49] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "akistech.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "Zs7nQLBZjeGGA9w9JDqtTwAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-28 03:19:52
(3 months ago)
wordpress-trap
Web App Attack
Mendip_Defender
2024-08-28 03:18:21
(3 months ago)
45.92.229.49 - - [28/Aug/2024:04:18:21 +0100] "GET /wp-includes/widgets/include.php HTTP/1.1" 403 14 ... show more 45.92.229.49 - - [28/Aug/2024:04:18:21 +0100] "GET /wp-includes/widgets/include.php HTTP/1.1" 403 146 "-" "Go-http-client/1.1"
45.92.229.49 - - [28/Aug/2024:04:18:22 +0100] "GET /wp-content/themes/include.php HTTP/1.0" 404 180 "-" "Go-http-client/1.1"
... show less
Hacking
Web App Attack
TPI-Abuse
2024-08-27 16:22:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.92.229.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.92.229.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 27 12:22:04.989253 2024] [security2:error] [pid 10988:tid 11052] [client 45.92.229.49:40433] [client 45.92.229.49] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aclarityforensics.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "Zs39LG8_36oRFBQd5lszdwAAAMM"], referer: http://aclarityforensics.com/wp-content/plugins/wp-config.php show less
Brute-Force
Bad Web Bot
Web App Attack
Apache
2024-08-27 11:58:36
(3 months ago)
(mod_security) mod_security (id:20000010) triggered by 45.92.229.49 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:20000010) triggered by 45.92.229.49 (US/United States/-): 5 in the last 300 secs show less
Brute-Force
Web App Attack
hostseries
2024-08-24 22:22:27
(3 months ago)
Trigger: LF_MODSEC
Brute-Force
Anonymous
2024-08-23 23:04:41
(3 months ago)
wordpress-trap
Web App Attack
Anonymous
2024-08-22 00:14:49
(3 months ago)
wordpress-trap
Web App Attack