TPI-Abuse
2024-10-03 01:22:06
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 21:22:00.298409 2024] [security2:error] [pid 31940:tid 31940] [client 52.178.129.74:9354] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jackiemaloneylaw.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv3xuDHkwPoWsH3ucfpBiwAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
SpeedIT Solutions
2024-10-03 01:13:56
(2 months ago)
(mod_security) mod_security triggered on hostname [redacted] 52.178.129.74 (IE/Ireland/-): (CF_ENAB ... show more (mod_security) mod_security triggered on hostname [redacted] 52.178.129.74 (IE/Ireland/-): (CF_ENABLE) show less
SQL Injection
URAN Publishing Service
2024-10-03 00:20:33
(2 months ago)
52.178.129.74 - - [03/Oct/2024:03:20:29 +0300] "GET /wp-content/themes/sketch/404.php HTTP/1.1" 404 ... show more 52.178.129.74 - - [03/Oct/2024:03:20:29 +0300] "GET /wp-content/themes/sketch/404.php HTTP/1.1" 404 196 "-" "-"
52.178.129.74 - - [03/Oct/2024:03:20:32 +0300] "GET /wp-includes/bak.php HTTP/1.1" 404 196 "-" "-"
... show less
Web App Attack
Anonymous
2024-10-03 00:14:54
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-10-02 23:56:52
(2 months ago)
(mod_security) mod_security triggered on hostname [redacted] 52.178.129.74 (IE/Ireland/-)
SQL Injection
TPI-Abuse
2024-10-02 23:21:29
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 19:21:23.502116 2024] [security2:error] [pid 13206:tid 13231] [client 52.178.129.74:6776] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vinylnotespodcast.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv3Vc4RJr1wSlPNN7xRLFQAAAJc"] show less
Brute-Force
Bad Web Bot
Web App Attack
QT
2024-10-02 22:50:08
(2 months ago)
Website hack attempted at 2024-10-03 08:50:03 +1000
Web App Attack
TPI-Abuse
2024-10-02 22:19:16
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 18:19:10.609361 2024] [security2:error] [pid 24689:tid 24689] [client 52.178.129.74:7177] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "broadcastmonitor.net"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv3G3tFiEUCHcd8MOxnSZgAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-10-02 22:07:10
(2 months ago)
Too many Status 40X (17)
Brute-Force
Web App Attack
TPI-Abuse
2024-10-02 21:36:49
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 17:36:44.725938 2024] [security2:error] [pid 10872:tid 10872] [client 52.178.129.74:6778] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jesusthechristministry.org"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv287KZfFwwNaEvSH8UPWQAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 21:08:31
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 17:08:25.606623 2024] [security2:error] [pid 7429:tid 7429] [client 52.178.129.74:9576] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "performingartsguild.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv22Sch9Mfd7V1ANbDZNggAAABk"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-02 21:06:33
(2 months ago)
wordpress-trap
Web App Attack
penjaga BRIN
2024-10-02 21:06:11
(2 months ago)
Multiple BOT Scanning Attack Detected from same source ip.-111
Web App Attack
syokadmin
2024-10-02 20:58:30
(2 months ago)
(PERMBLOCK) 52.178.129.74 (IE/Ireland/-) has had more than 2 temp blocks in the last 86400 secs
Brute-Force
Hazzard
2024-10-02 20:56:26
(2 months ago)
52.178.129.74 (IE/Ireland/Leinster/Dublin/-/[redacted]), more than 60 Apache 403 hits
Hacking