girlbossceo
2024-08-12 00:19:45
(1 month ago)
This IP accessed a banned path "/wp-content/themes/upamana/mobile.php" with User Agent "Go-http-clie ... show more This IP accessed a banned path "/wp-content/themes/upamana/mobile.php" with User Agent "Go-http-client/2.0". (ListenCaddy) show less
Bad Web Bot
Web App Attack
Anonymous
2024-08-11 23:44:23
(1 month ago)
wordpress-trap
Web App Attack
Anonymous
2024-08-11 13:51:24
(1 month ago)
wordpress-trap
Web App Attack
MSZ
2024-08-11 12:11:03
(1 month ago)
Blocked by Fail2Ban (apache-auth-all)
Hacking
Brute-Force
Web App Attack
Anonymous
2024-08-10 07:54:33
(2 months ago)
wordpress-trap
Web App Attack
Rip
2024-08-10 05:19:55
(2 months ago)
108.165.243.149 - - [09/Aug/2024:22:18:54 -0700] "GET /wp-admin/css/colors/coffee/index.php HTTP/1.1 ... show more 108.165.243.149 - - [09/Aug/2024:22:18:54 -0700] "GET /wp-admin/css/colors/coffee/index.php HTTP/1.1" 301 499 "-" "Go-http-client/1.1"
108.165.243.149 - - [09/Aug/2024:22:18:54 -0700] "GET /wp-admin/css/colors/blue/uploader.php HTTP/1.1" 301 501 "-" "Go-http-client/1.1"
... show less
Brute-Force
Web App Attack
iNetWorker
2024-08-10 02:44:20
(2 months ago)
trolling for resource vulnerabilities
Web App Attack
Jim Keir
2024-08-10 02:23:43
(2 months ago)
2024-08-10 02:23:42 108.165.243.149 File scanning, blocking 108.165.243.149 for 5 minutes
Web App Attack
WebpodsLLC
2024-08-09 04:00:34
(2 months ago)
Direction: in Trigger: LF_MODSEC;
Port Scan
Brute-Force
Web App Attack
TPI-Abuse
2024-08-09 00:16:57
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.165.243.149 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 108.165.243.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 20:16:53.710396 2024] [security2:error] [pid 26892:tid 26892] [client 108.165.243.149:32255] [client 108.165.243.149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.vangentholding.com"] [uri "/wp-config.php"] [unique_id "ZrVf9ROyM0WrgPmif4OYGwAAAA8"], referer: http://vangentholding.com/wp-config.php show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-08 20:09:16
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.165.243.149 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 108.165.243.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 16:09:11.776841 2024] [security2:error] [pid 30878:tid 30878] [client 108.165.243.149:55049] [client 108.165.243.149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toepferlab.org"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "ZrUl5_4n-5eHOv1GEsC3GwAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-08 15:41:43
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.165.243.149 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 108.165.243.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 11:41:39.564652 2024] [security2:error] [pid 11529:tid 11529] [client 108.165.243.149:29037] [client 108.165.243.149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trinitydent.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "ZrTnM8HrNeh2cBdhZVr3EAAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
holos.pt
2024-08-08 15:10:01
(2 months ago)
Blocked for wp-config.php back-up probing in query string: /wp-config.php
Web App Attack
uhlhosting
2024-08-08 14:55:30
(2 months ago)
tkr-bausysteme.ch 108.165.243.149 - - [08/Aug/2024:16:55:28.224690 +0200] "GET /wp-content/themes/pa ... show more tkr-bausysteme.ch 108.165.243.149 - - [08/Aug/2024:16:55:28.224690 +0200] "GET /wp-content/themes/panama/json.php HTTP/1.1" 403 199 "-" "-" ZrTcYNaDkJ63MduWwultFgAAAAQ "-" /apache/20240808/20240808-1655/20240808-165528-ZrTcYNaDkJ63MduWwultFgAAAAQ 0 1713 md5:cec16594ae7fe5a917506aec988af133
tkr-bausysteme.ch 108.165.243.149 - - [08/Aug/2024:16:55:28.548712 +0200] "GET /xmrlpc.php HTTP/1.1" 403 199 "-" "-" ZrTcYNaDkJ63MduWwultFwAAAA8 "-" /apache/20240808/20240808-1655/20240808-165528-ZrTcYNaDkJ63MduWwultFwAAAA8 0 1669 md5:54ce3e3920743825c4e098aa032a9ab0
tkr-bausysteme.ch 108.165.243.149 - - [08/Aug/2024:16:55:28.869181 +0200] "GET /alfa-rex.php56 HTTP/1.1" 403 199 "-" "-" ZrTcYNaDkJ63MduWwultGAAAAAI "-" /apache/20240808/20240808-1655/20240808-165528-ZrTcYNaDkJ63MduWwultGAAAAAI 0 1674 md5:22e6154c0ad313f85036d5cccb064289
tkr-bausysteme.ch 108.165.243.149 - - [08/Aug/2024:16:55:29.190371 +0200] "GET /ioxi002.PhP7 HTTP/1.1" 403 199 "-" "-" ZrTcYdaDkJ63MduWwultGQAAABI "-" /apache/2024080
... show less
DDoS Attack
Brute-Force
TPI-Abuse
2024-08-08 13:03:56
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 108.165.243.149 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 108.165.243.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 09:03:52.330065 2024] [security2:error] [pid 12990:tid 12990] [client 108.165.243.149:12493] [client 108.165.243.149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "therealseska.com"] [uri "/wp-config.php"] [unique_id "ZrTCOE6boSWirqH5bZ247AAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack