TPI-Abuse
2024-10-02 20:39:10
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 16:39:04.496351 2024] [security2:error] [pid 30094:tid 30094] [client 52.178.129.74:3718] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peregrineproject.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv2vaLVjVFgr4zhobhKp6wAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
FeG Deutschland
2024-10-02 20:39:03
(2 months ago)
Looking for CMS/PHP/SQL vulnerablilities - 13
Exploited Host
Web App Attack
TPI-Abuse
2024-10-02 20:10:16
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 16:10:11.066559 2024] [security2:error] [pid 14728:tid 14728] [client 52.178.129.74:9352] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "campconcerto.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv2oozZ13MgRs0aJdG10XgAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 19:20:24
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 15:20:18.953851 2024] [security2:error] [pid 26478:tid 26478] [client 52.178.129.74:8696] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "guitarsouth.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv2c8tQGec0NwRlGFQXsJwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-02 18:19:13
(2 months ago)
Fail2Ban apache-noscript
Bad Web Bot
MAGIC
2024-10-02 18:02:41
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-10-02 17:47:20
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 13:47:16.147764 2024] [security2:error] [pid 25922:tid 25930] [client 52.178.129.74:3080] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hawk-av.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv2HJPVxUHGemiW4UtsWqgAAAUY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 17:07:24
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 13:07:16.049225 2024] [security2:error] [pid 22175:tid 22175] [client 52.178.129.74:3601] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "progresstraining.info"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv19xPi9eUmqCjHsdma7rwAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 16:43:17
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 12:43:13.552748 2024] [security2:error] [pid 26465:tid 26465] [client 52.178.129.74:3969] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aslproud.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv14IUvccZlttA68mVeljwAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
syokadmin
2024-10-02 16:28:34
(2 months ago)
(mod_security) mod_security (id:77316861) triggered by 52.178.129.74 (IE/Ireland/-): 1 in the last 3 ... show more (mod_security) mod_security (id:77316861) triggered by 52.178.129.74 (IE/Ireland/-): 1 in the last 3600 secs show less
Brute-Force
TPI-Abuse
2024-10-02 16:27:13
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 12:27:10.235577 2024] [security2:error] [pid 9511:tid 9511] [client 52.178.129.74:9301] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wholesaleglassjars.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv10Xs6NWYHxILvlGs5n8gAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 15:54:29
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 11:54:25.659812 2024] [security2:error] [pid 13782:tid 13782] [client 52.178.129.74:3600] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cougarcrusade.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv1ssegFjcqtpkHjD3pPqgAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-02 15:47:10
(2 months ago)
Open Source CMS Configuration File Requests
Hacking
Brute-Force
cmbplf
2024-10-02 15:23:29
(2 months ago)
238 requests to */.well-known/acme-challenge/*.php
217 requests to */.well-known/pki-validat ... show more 238 requests to */.well-known/acme-challenge/*.php
217 requests to */.well-known/pki-validation/*.php show less
Brute-Force
Bad Web Bot
TPI-Abuse
2024-10-02 15:20:50
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.178.129.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 11:20:45.691897 2024] [security2:error] [pid 28582:tid 28582] [client 52.178.129.74:4938] [client 52.178.129.74] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "csgohub.gg"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv1kzTF0FEWuHz6iR90mugAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack