TPI-Abuse
2024-08-26 08:46:40
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 04:46:34.110342 2024] [security2:error] [pid 2634333:tid 2634333] [client 62.146.234.77:64397] [client 62.146.234.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jdeloa.com"] [uri "/wp-config.php"] [unique_id "ZsxA6uLzhU6Tg8C17hB3vgAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-26 05:08:57
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 01:08:50.458489 2024] [security2:error] [pid 28227:tid 28227] [client 62.146.234.77:61606] [client 62.146.234.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drbolen.com"] [uri "/wp-config.php"] [unique_id "ZswN4orIy2_yXWTqWG5stQAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Rizzy
2024-08-26 05:00:50
(3 weeks ago)
Multiple WAF Violations
Brute-Force
Web App Attack
TPI-Abuse
2024-08-17 17:27:56
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 17 13:27:50.978068 2024] [security2:error] [pid 7461:tid 7461] [client 62.146.234.77:64202] [client 62.146.234.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jbrodriguez.com"] [uri "/wp-config.php"] [unique_id "ZsDdlpkePRo2cNHUJ0VbFwAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-17 12:20:32
(1 month ago)
wordpress-trap
Web App Attack
axllent
2024-08-17 09:44:48
(1 month ago)
Scanning for exploits - //vendor/phpunit/phpunit/Util/PHP/eval-stdin.php
Web App Attack
TPI-Abuse
2024-08-17 09:39:01
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 17 05:38:56.501170 2024] [security2:error] [pid 25250:tid 25353] [client 62.146.234.77:60493] [client 62.146.234.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koublacat.com"] [uri "/wp-config.php"] [unique_id "ZsBvsM-uwGPpJjqCrbhyjgAAANA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Hazzard
2024-08-17 00:04:16
(1 month ago)
62.146.234.77 (SG/Singapore/-/Singapore/vmi2002196.contaboserver.net/[redacted]), more than 60 Apach ... show more 62.146.234.77 (SG/Singapore/-/Singapore/vmi2002196.contaboserver.net/[redacted]), more than 60 Apache 403 hits show less
Hacking
TPI-Abuse
2024-08-16 13:41:46
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 16 09:41:41.774082 2024] [security2:error] [pid 26999:tid 26999] [client 62.146.234.77:57867] [client 62.146.234.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "krb24.biz"] [uri "/wp-config.php"] [unique_id "Zr9XFZHo94GWMPRK7BLMyAAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-16 12:46:57
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 16 08:46:51.193213 2024] [security2:error] [pid 8307:tid 8307] [client 62.146.234.77:63486] [client 62.146.234.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ldwla.com"] [uri "/wp-config.php"] [unique_id "Zr9KO0TrB9RJ0eucgo9kmgAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-08-10 00:09:29
(1 month ago)
Too many Status 40X (361)
Scanning/Probing (26)
Request Overload (797)
Brute-Force
Web App Attack
TPI-Abuse
2024-08-09 22:14:26
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 18:14:21.819814 2024] [security2:error] [pid 1024463:tid 1024463] [client 62.146.234.77:60772] [client 62.146.234.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wholesaleglassjars.com"] [uri "/wp-config.php"] [unique_id "ZraUvXX6hK0y3e9iqTQskQAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-09 11:16:28
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 07:16:21.129766 2024] [security2:error] [pid 2752201:tid 2752201] [client 62.146.234.77:61774] [client 62.146.234.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vrmapping.net"] [uri "/wp-config.php"] [unique_id "ZrX6heNraT6jgTcoddIGsQAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
spyra.rocks
2024-08-09 08:22:31
(1 month ago)
ModSecurity
Web App Attack
TPI-Abuse
2024-08-09 00:47:44
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 ... show more (mod_security) mod_security (id:210492) triggered by 62.146.234.77 (vmi2002196.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 20:47:37.285442 2024] [security2:error] [pid 9055:tid 9055] [client 62.146.234.77:57450] [client 62.146.234.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.voodooshop.com"] [uri "/wp-config.php"] [unique_id "ZrVnKTNpX9ylimjMiYB41AAAAAs"], referer: http://voodooboutiques.com/wp-config.php show less
Brute-Force
Bad Web Bot
Web App Attack