TPI-Abuse
2024-10-02 23:00:29
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 19:00:25.008600 2024] [security2:error] [pid 15133:tid 15133] [client 52.178.139.208:3212] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "debradamico.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv3QiT_2bAqjL4Gqpj4GHAAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-02 22:56:12
(2 months ago)
Bot / seems abusive / Apache connections: 41
DDoS Attack
Web Spam
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 22:35:50
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 18:35:43.048085 2024] [security2:error] [pid 24498:tid 24498] [client 52.178.139.208:9100] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.net"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv3KvyYEPeygzWE-9vnsOwAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
URAN Publishing Service
2024-10-02 22:07:01
(2 months ago)
52.178.139.208 - - [03/Oct/2024:01:06:56 +0300] "GET /wp-content/themes/sketch/404.php HTTP/1.1" 404 ... show more 52.178.139.208 - - [03/Oct/2024:01:06:56 +0300] "GET /wp-content/themes/sketch/404.php HTTP/1.1" 404 196 "-" "-"
52.178.139.208 - - [03/Oct/2024:01:07:01 +0300] "GET /wp-includes/bak.php HTTP/1.1" 404 196 "-" "-"
... show less
Web App Attack
TPI-Abuse
2024-10-02 21:58:54
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 17:58:50.736763 2024] [security2:error] [pid 9309:tid 9309] [client 52.178.139.208:7846] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "curtisnalembranza.es"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv3CGpvFbMxxCFT5z70klQAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 21:06:23
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 17:06:18.245101 2024] [security2:error] [pid 28726:tid 28743] [client 52.178.139.208:4497] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "foresthillseast.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv21yrO6fmFaUrkR9bh-FQAAAQk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 18:59:45
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 14:59:38.467205 2024] [security2:error] [pid 30604:tid 30621] [client 52.178.139.208:2459] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dubarch.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv2YGrc0uXXMYTr19dTgXAAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 18:39:17
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 14:39:10.658104 2024] [security2:error] [pid 12148:tid 12148] [client 52.178.139.208:8854] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "xirin.org"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv2TTmaXjPC_60kHWD4xNAAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Rizzy
2024-10-02 18:19:44
(2 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
syokadmin
2024-10-02 18:13:52
(2 months ago)
(mod_security) mod_security (id:77316861) triggered by 52.178.139.208 (IE/Ireland/-): 1 in the last ... show more (mod_security) mod_security (id:77316861) triggered by 52.178.139.208 (IE/Ireland/-): 1 in the last 3600 secs show less
Brute-Force
Bächtold-Informatik
2024-10-02 18:13:07
(2 months ago)
Domain : vmbi.ch
Rule : config
2024-10-02 18:12:03 145.239.244.113 GET /wp-configs.php - ... show more Domain : vmbi.ch
Rule : config
2024-10-02 18:12:03 145.239.244.113 GET /wp-configs.php - 443 - 52.178.139.208 HTTP/1.1 - - vmbi.ch 404 0 2 12749 47 28 - - show less
Hacking
SQL Injection
Anonymous
2024-10-02 18:11:00
(2 months ago)
Excessive crawling/scraping. Vulnerable file probing.
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 17:30:06
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 13:29:56.873182 2024] [security2:error] [pid 24948:tid 24948] [client 52.178.139.208:2033] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robinnixon.net"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv2DFDmXloc-AMoWYIDhvwAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 17:13:51
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 13:13:47.630588 2024] [security2:error] [pid 30373:tid 30373] [client 52.178.139.208:4787] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matchsticbranding.agency"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv1_S8kQFEGu_tn6YhT_mQAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-10-02 17:04:41
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot