TPI-Abuse
2024-11-08 15:05:44
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.169.71.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.71.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 08 10:05:39.739267 2024] [security2:error] [pid 12655:tid 12655] [client 52.169.71.117:6612] [client 52.169.71.117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kitebeach.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zy4owxR7gwtZkqBHC5DJBAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
robotstxt
2024-11-08 15:03:21
(2 months ago)
52.169.71.117 - - [08/Nov/2024:15:02:53 +0000] "GET /cgi-bin/about.php HTTP/1.1" 404 23818 "-" rt="0 ... show more 52.169.71.117 - - [08/Nov/2024:15:02:53 +0000] "GET /cgi-bin/about.php HTTP/1.1" 404 23818 "-" rt="0.090" "-" "-" h="www.pastafarismo.es" sn="www.pastafarismo.es" ru="/cgi-bin/about.php" u="/index.php" ucs="-" ua="unix:/var/run/php/pastafarismo82.sock" us="404" uct="0.000" urt="0.091"
52.169.71.117 - - [08/Nov/2024:15:02:55 +0000] "GET /cgi-bin/cloud.php HTTP/1.1" 404 23818 "-" rt="0.097" "-" "-" h="www.pastafarismo.es" sn="www.pastafarismo.es" ru="/cgi-bin/cloud.php" u="/index.php" ucs="-" ua="unix:/var/run/php/pastafarismo82.sock" us="404" uct="0.000" urt="0.096"
52.169.71.117 - - [08/Nov/2024:15:03:15 +0000] "GET /cgi-bin/xmrlpc.php?p= HTTP/1.1" 404 5 "-" rt="0.048" "-" "-" h="www.pastafarismo.es" sn="www.pastafarismo.es" ru="/cgi-bin/xmrlpc.php?p=" u="/index.php" ucs="-" ua="unix:/var/run/php/pastafarismo82.sock" us="301" uct="0.000" urt="0.048"
52.169.71.117 - - [08/Nov/2024:15:03:17 +0000] "GET /cgi-bin/xmrlpc.php HTTP/1.1" 404 23818 "-" rt="0.099" "-" "-" h="www.pastafarismo.es"
... show less
Bad Web Bot
mnsf
2024-11-08 15:03:10
(2 months ago)
Too many Status 40X (16)
Brute-Force
Web App Attack
Anonymous
2024-11-08 15:01:05
(2 months ago)
Open Source CMS Configuration File Requests
Hacking
Brute-Force
Apache
2024-11-08 15:00:01
(2 months ago)
(mod_security) mod_security (id:20000010) triggered by 52.169.71.117 (IE/Ireland/-): 5 in the last 3 ... show more (mod_security) mod_security (id:20000010) triggered by 52.169.71.117 (IE/Ireland/-): 5 in the last 300 secs show less
Brute-Force
Web App Attack
URAN Publishing Service
2024-11-08 14:59:51
(2 months ago)
52.169.71.117 - - [08/Nov/2024:16:59:50 +0200] "GET /wp-content/plugins/not/includes/about.php HTTP/ ... show more 52.169.71.117 - - [08/Nov/2024:16:59:50 +0200] "GET /wp-content/plugins/not/includes/about.php HTTP/1.1" 404 196 "-" "-"
52.169.71.117 - - [08/Nov/2024:16:59:50 +0200] "GET /wp-content/plugins/simple/simple.php HTTP/1.1" 404 196 "-" "-"
... show less
Web App Attack
sms.ru
2024-11-08 14:56:46
(2 months ago)
/wp-admin/js/about.php
Web App Attack
Anonymous
2024-11-08 14:53:11
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-11-08 14:46:02
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.169.71.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.71.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 08 09:45:54.341913 2024] [security2:error] [pid 22286:tid 22286] [client 52.169.71.117:6674] [client 52.169.71.117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "misogynyis.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zy4kIgwiFu1SRo4kK3F12gAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-08 14:30:42
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.169.71.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.169.71.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 08 09:30:34.933692 2024] [security2:error] [pid 28813:tid 28825] [client 52.169.71.117:3478] [client 52.169.71.117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nesso.es"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zy4gigjSZqSo2ph1DPgFdAAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-08 14:30:34
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_APACHE_403
Brute-Force
SSH