Anonymous
2024-02-25 13:00:29
(6 months ago)
Excessive HTTP/HTTPS connections.
Bad Web Bot
taivas.nl
2024-02-25 05:32:25
(6 months ago)
Many_bad_calls
Web App Attack
taivas.nl
2024-02-25 04:02:03
(6 months ago)
Wordpress_Attack
Web App Attack
TPI-Abuse
2024-02-25 03:37:11
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): ... show more (mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 22:37:07.886157 2024] [security2:error] [pid 2167346:tid 47719047522048] [client 89.37.173.54:42780] [client 89.37.173.54] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vinylnotespodcast.com"] [uri "/wp-config.php"] [unique_id "Zdq148sLINIp-QSxy-xfnQAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-02-24 23:59:29
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): ... show more (mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 18:59:24.881951 2024] [security2:error] [pid 31808] [client 89.37.173.54:55558] [client 89.37.173.54] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sarahingber.com"] [uri "/wp-config.php"] [unique_id "ZdqC3FZ_q6EJJXzSVj2BrwAAABU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-02-24 23:31:56
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): ... show more (mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 18:31:49.958123 2024] [security2:error] [pid 13094] [client 89.37.173.54:59022] [client 89.37.173.54] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rldcompany.com"] [uri "/wp-config.php"] [unique_id "Zdp8ZdyWqPhjUbDd2N5xigAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-02-24 22:36:55
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): ... show more (mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 17:36:47.904648 2024] [security2:error] [pid 31590] [client 89.37.173.54:47978] [client 89.37.173.54] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.exorex.biz"] [uri "/wp-config.php"] [unique_id "Zdpvf8WqIyeN9ns9QtlISgAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-02-24 17:39:15
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): ... show more (mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 12:39:08.908201 2024] [security2:error] [pid 21908] [client 89.37.173.54:53868] [client 89.37.173.54] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gayarab.com"] [uri "/wp-config.php"] [unique_id "ZdopvOhwcxpWfdUn7m-kLwAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Rizzy
2024-02-24 16:30:55
(6 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
TPI-Abuse
2024-02-24 14:27:41
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): ... show more (mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 09:27:37.959502 2024] [security2:error] [pid 4068702] [client 89.37.173.54:58774] [client 89.37.173.54] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.elpais.mx"] [uri "/wp-config.php"] [unique_id "Zdn82Q6dbum3gY5ZSqYW0AAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
hostseries
2024-02-24 14:23:17
(6 months ago)
Trigger: LF_MODSEC
Brute-Force
TPI-Abuse
2024-02-24 14:07:43
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): ... show more (mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 09:07:35.678595 2024] [security2:error] [pid 6184] [client 89.37.173.54:38544] [client 89.37.173.54] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fabwestmfg.com"] [uri "/wp-config.php"] [unique_id "Zdn4J7W5CAk_pHVKyV73-gAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
10dencehispahard SL
2024-02-24 13:57:44
(6 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
TPI-Abuse
2024-02-24 13:42:38
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): ... show more (mod_security) mod_security (id:210492) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 08:42:34.683435 2024] [security2:error] [pid 7933] [client 89.37.173.54:56376] [client 89.37.173.54] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "photosatthebeach.com.rddeckerphotography.com"] [uri "/wp-config.php"] [unique_id "ZdnySoTLOhXcBVFfLR5WggAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2023-12-22 01:16:51
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): ... show more (mod_security) mod_security (id:225170) triggered by 89.37.173.54 (54.173.37.89.baremetal.zare.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 21 20:16:45.311030 2023] [security2:error] [pid 2376] [client 89.37.173.54:39532] [client 89.37.173.54] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dougscomputers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dougscomputers.com"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "ZYTjfZL_Zr6W85X8T7fLrQAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack