Anonymous
2024-10-15 08:56:58
(1 month ago)
wp admin page access attempt
...
Hacking
Web App Attack
LRob.fr
2024-10-15 08:08:21
(1 month ago)
Apache web server attack detected by Fail2Ban in plesk-apache jail
Web App Attack
TPI-Abuse
2024-10-15 05:05:28
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 15 01:05:22.287121 2024] [security2:error] [pid 22000:tid 22015] [client 52.169.24.106:6320] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clmtic.es"] [uri "/wp-config.php"] [unique_id "Zw34Eqx7Zu55cLiGCka-8QAAAMc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-15 04:11:28
(1 month ago)
Fail2Ban apache-noscript
Bad Web Bot
TPI-Abuse
2024-10-15 03:58:44
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 23:58:39.543071 2024] [security2:error] [pid 15110:tid 15110] [client 52.169.24.106:10509] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gatlintire.com"] [uri "/wp-config.php"] [unique_id "Zw3ob61cCKXiWnAwJlFRyQAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-15 02:39:07
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 22:39:00.881361 2024] [security2:error] [pid 24816:tid 24816] [client 52.169.24.106:8524] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emisoni.com"] [uri "/wp-config.php"] [unique_id "Zw3VxFpGIqgFs1xWWA4BxwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-15 02:16:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 22:16:27.743154 2024] [security2:error] [pid 30785:tid 30785] [client 52.169.24.106:10646] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.newisci.org"] [uri "/wp-config.php"] [unique_id "Zw3QezaCd2tz1QxlZ9e6SAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-15 01:41:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 21:41:12.289055 2024] [security2:error] [pid 2173:tid 2173] [client 52.169.24.106:3244] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.americanlegion935.com"] [uri "/wp-config.php"] [unique_id "Zw3IOKSAYsiiAU0lR8iUzQAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-15 00:50:54
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-10-15 00:47:11
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 20:47:03.956570 2024] [security2:error] [pid 17450:tid 17450] [client 52.169.24.106:8169] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "schonmusic.com"] [uri "/wp-config.php"] [unique_id "Zw27hy6Cqq6z_G3q2MrNaAAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-15 00:25:46
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 20:25:39.632864 2024] [security2:error] [pid 10660:tid 10660] [client 52.169.24.106:3669] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dynamic-therapy-mn.com"] [uri "/wp-config.php"] [unique_id "Zw22g6svNMW7yUc0IXV9SAAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 23:31:02
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 19:30:59.374712 2024] [security2:error] [pid 12694:tid 12694] [client 52.169.24.106:3000] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shiverdigital.com"] [uri "/wp-config.php"] [unique_id "Zw2ps8hTE60hmtQA7i6mcQAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 23:12:27
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 19:12:20.831369 2024] [security2:error] [pid 32066:tid 32066] [client 52.169.24.106:9269] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.oualierealty.com"] [uri "/wp-config.php"] [unique_id "Zw2lVP7kZQQjdHvAwTVkOgAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
COMAITE
2024-10-14 22:54:30
(1 month ago)
Multiple web server 400 error codes from same source ip 52.169.24.106.
Web App Attack
TPI-Abuse
2024-10-14 22:32:31
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.24.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 18:32:28.093340 2024] [security2:error] [pid 8279:tid 8279] [client 52.169.24.106:5566] [client 52.169.24.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "papelandia.com.ve"] [uri "/wp-config.php"] [unique_id "Zw2b_HmMlOgo6ppYKnfrzAAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack