Suspicious activity detected by Modsecurity [Suspicious IP found on 7 servers 14 times. Reincident b ...
show moreSuspicious activity detected by Modsecurity [Suspicious IP found on 7 servers 14 times. Reincident by 1. Rules:]
show less
(php-url-fopen) Failed php-url-fopen trigger from 116.203.33.1 (DE/Germany/static.1.33.203.116.clien ...
show more(php-url-fopen) Failed php-url-fopen trigger from 116.203.33.1 (DE/Germany/static.1.33.203.116.clients.your-server.de): (CF_ENABLE)
show less
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 116.203.33.1 (DE/Germany ...
show more(apache-scanners) Failed apache-scanners trigger with match [redacted] from 116.203.33.1 (DE/Germany/static.1.33.203.116.clients.your-server.de): (CF_ENABLE)
show less
(mod_security) mod_security (id:14205) triggered by 116.203.33.1 (DE/Germany/-): 1 in the last 3600 ...
show more(mod_security) mod_security (id:14205) triggered by 116.203.33.1 (DE/Germany/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: 0; Trigger: LF_MODSEC; Logs: [Sat Jan 14 21:34:42.307032 2023] [:error] [pid 113425:tid 22536282367744] [client 116.203.33.1:0] [client 116.203.33.1] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?:\\\\/|)\\\\.{2}\\\\/.+\\\\.php" at ARGS_GET:filepath. [file "/etc/apache2/conf.d/webpods/15_bad_requests.conf"] [line "13"] [id "14205"] [rev "1"] [msg "Attempting to access php files from parent dir, how dare you!"] [severity "CRITICAL"] [hostname "robertsarea.com"] [uri "/wp-content/plugins/wpcargo/includes/barcode.php"] [unique_id "Y8NmQi8XAcXn2H_uMUFrlQAAVAc"], referer: www.google.com
show less
Port Scan
Brute-Force
Web App Attack
Anonymous
(mod_security) mod_security (id:1010101) triggered by 116.203.33.1 (DE/Germany/static.1.33.203.116.c ...
show more(mod_security) mod_security (id:1010101) triggered by 116.203.33.1 (DE/Germany/static.1.33.203.116.clients.your-server.de): 5 in the last 3600 secs
show less