Mediashaker
2024-10-02 17:03:43
(2 months ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 52.178.139.208 (IE/Irela ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 52.178.139.208 (IE/Ireland/-) show less
Port Scan
Hazzard
2024-10-02 17:02:50
(2 months ago)
52.178.139.208 (IE/Ireland/Leinster/Dublin/-/[redacted]), more than 60 Apache 403 hits
Hacking
TPI-Abuse
2024-10-02 16:45:12
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 12:45:04.224195 2024] [security2:error] [pid 25542:tid 25554] [client 52.178.139.208:8403] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seattlefamilydoula.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv14kFK_fj8O5N4V-blU2QAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
SpeedIT Solutions
2024-10-02 16:35:29
(2 months ago)
(mod_security) mod_security triggered on hostname [redacted] 52.178.139.208 (IE/Ireland/-): (CF_ENA ... show more (mod_security) mod_security triggered on hostname [redacted] 52.178.139.208 (IE/Ireland/-): (CF_ENABLE) show less
SQL Injection
TPI-Abuse
2024-10-02 16:28:08
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 12:28:03.596335 2024] [security2:error] [pid 9390:tid 9390] [client 52.178.139.208:6405] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "platinumcapitalpartners.net"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv10k8t3WLXhoLXl1MjC3AAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Apache
2024-10-02 16:18:58
(2 months ago)
(mod_security) mod_security (id:20000010) triggered by 52.178.139.208 (IE/Ireland/-): 5 in the last ... show more (mod_security) mod_security (id:20000010) triggered by 52.178.139.208 (IE/Ireland/-): 5 in the last 300 secs show less
Brute-Force
Web App Attack
COMAITE
2024-10-02 16:09:39
(2 months ago)
Multiple web server 400 error codes from same source ip 52.178.139.208.
Web App Attack
Anonymous
2024-10-02 16:02:13
(2 months ago)
Web attack
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-02 16:02:07
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 12:01:59.289739 2024] [security2:error] [pid 16966:tid 16966] [client 52.178.139.208:3309] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirklandhighlands.org"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv1ud4LXhJzv-gm3OV5rcAAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-02 15:50:00
(2 months ago)
Attack on wp-login.php.
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-02 15:48:49
(2 months ago)
wordpress-trap
Web App Attack
TPI-Abuse
2024-10-02 15:40:20
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.178.139.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 02 11:40:16.808543 2024] [security2:error] [pid 23600:tid 23600] [client 52.178.139.208:2637] [client 52.178.139.208] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ironsightsarmory.com"] [uri "/.well-known/pki-validation/wp-config.php"] [unique_id "Zv1pYFgoxkm05K0TCruJZgAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-02 15:27:28
(2 months ago)
Open Source CMS Configuration File Requests
Hacking
Brute-Force
rsa
2024-10-02 15:19:00
(2 months ago)
GET /img/about.php HTTP/1.1
Hacking
Brute-Force
Web App Attack
cmbplf
2024-10-02 15:00:36
(2 months ago)
20.853 requests in 1 hour (1d59m59s)
Brute-Force
Bad Web Bot