TPI-Abuse
2024-10-14 21:43:08
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 17:43:05.096412 2024] [security2:error] [pid 11150:tid 11150] [client 52.169.24.106:12935] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robinnixon.com"] [uri "/wp-config.php"] [unique_id "Zw2QabSbPkbpygCm9EVBrQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
rakkor
2024-10-14 21:40:26
(1 month ago)
2024/10/14 22:40:25 [error] 7133#7133: *3990357 FastCGI sent in stderr: "Primary script unknown" whi ... show more 2024/10/14 22:40:25 [error] 7133#7133: *3990357 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 52.169.24.106, server: , request: "GET /wp-includes/wp-load.php HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm/php-925b669d-80ec-41dd-b8c8-bf5a26d831bf.sock:", host: "rakkor.me.uk"
... show less
Hacking
Brute-Force
Rizzy
2024-10-14 21:38:15
(1 month ago)
Multiple WAF Violations
Brute-Force
Web App Attack
archiv-pm
2024-10-14 21:34:15
(1 month ago)
Probing for resource vulnerabilities HTTP(S)
Web App Attack
TPI-Abuse
2024-10-14 20:47:32
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 16:47:28.304278 2024] [security2:error] [pid 13640:tid 13640] [client 52.169.24.106:12485] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "victorvictorinc.com"] [uri "/wp-config.php"] [unique_id "Zw2DYDUkdTompQffHHTpfAAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 20:19:47
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 16:19:44.275599 2024] [security2:error] [pid 20377:tid 20377] [client 52.169.24.106:8470] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cinemastation.de"] [uri "/en/index.html/wp-config.php"] [unique_id "Zw184DZjmJAfIrk1yjdWVQAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-14 20:10:16
(1 month ago)
(mod_security) mod_security triggered on hostname [redacted] 52.169.24.106 (IE/Ireland/-)
SQL Injection
TPI-Abuse
2024-10-14 19:52:23
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 15:52:19.387960 2024] [security2:error] [pid 30231:tid 30231] [client 52.169.24.106:4722] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kvaziri.com"] [uri "/wp-config.php"] [unique_id "Zw12c1w4KyYERBqdQCacOgAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
nekopavel
2024-10-14 19:39:11
(1 month ago)
52.169.24.106 - - [14/Oct/2024:21:39:07 +0200]"GET /wp-includes/wp-load.php HTTP/1.1" 301 162"-" mis ... show more 52.169.24.106 - - [14/Oct/2024:21:39:07 +0200]"GET /wp-includes/wp-load.php HTTP/1.1" 301 162"-" mishashto.com "-""0.000" "-""Dublin" "IE"
52.169.24.106 - - [14/Oct/2024:21:39:07 +0200]"GET /wp-includes/wp-load.php HTTP/1.1" 404 1925"-" mishashto.com "-""0.004" "0.001""Dublin" "IE"
52.169.24.106 - - [14/Oct/2024:21:39:07 +0200]"GET /wp-includes/SimplePie/about.php HTTP/1.1" 301 162"-" mishashto.com "-""0.000" "-""Dublin" "IE"
... show less
Hacking
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 19:26:23
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 15:26:15.294466 2024] [security2:error] [pid 18756:tid 18756] [client 52.169.24.106:5110] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pakistanvision.com"] [uri "/wp-config.php"] [unique_id "Zw1wV8DLcZh3zzGQIVWttQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 18:58:25
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 14:58:21.303318 2024] [security2:error] [pid 12906:tid 12906] [client 52.169.24.106:6561] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "models.teenyb.com"] [uri "/wp-config.php"] [unique_id "Zw1pzT82NeZ2g33-UaqOLgAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 18:37:46
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 14:37:42.871591 2024] [security2:error] [pid 2225:tid 2225] [client 52.169.24.106:8513] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.domainexecs.com"] [uri "/wp-config.php"] [unique_id "Zw1k9mgTTmmC8IN1ZWp3CAAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
cmbplf
2024-10-14 18:24:17
(1 month ago)
462 requests to */.well-known/acme-challenge/*.php
432 requests to */.well-known/pki-validat ... show more 462 requests to */.well-known/acme-challenge/*.php
432 requests to */.well-known/pki-validation/*.php show less
Brute-Force
Bad Web Bot
Anonymous
2024-10-14 18:21:13
(1 month ago)
wordpress-trap
Web App Attack
TPI-Abuse
2024-10-14 18:16:14
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 14:16:09.692054 2024] [security2:error] [pid 32562:tid 32562] [client 52.169.24.106:7643] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pointillistic.com"] [uri "/ren//wp-config.php"] [unique_id "Zw1f6dQPLcFximxuIWZQUwAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack