URAN Publishing Service
2024-08-24 19:54:08
(2 weeks ago)
128.199.208.160 - - [24/Aug/2024:22:54:06 +0300] "GET /wp-content/plugins/classic-editor/wp-login.ph ... show more 128.199.208.160 - - [24/Aug/2024:22:54:06 +0300] "GET /wp-content/plugins/classic-editor/wp-login.php HTTP/1.1" 404 436 "-" "fasthttp"
128.199.208.160 - - [24/Aug/2024:22:54:08 +0300] "GET /wp-includes/css/dist/edit-site/ HTTP/1.1" 404 436 "-" "fasthttp"
... show less
Web App Attack
TPI-Abuse
2024-08-24 15:52:58
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 24 11:52:53.943752 2024] [security2:error] [pid 7143:tid 7143] [client 128.199.208.160:58301] [client 128.199.208.160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "faeriefeelers.com"] [uri "/wp-config.php"] [unique_id "ZsoB1TL_UHK1eHX8RWzbkAAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-23 20:14:08
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 23 16:14:00.200768 2024] [security2:error] [pid 25091:tid 25224] [client 128.199.208.160:52562] [client 128.199.208.160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lucy.abney.info"] [uri "/wp-config.php"] [unique_id "ZsjtiBlNW3tHSVeFP916TAAAAEw"] show less
Brute-Force
Bad Web Bot
Web App Attack
sms.ru
2024-08-23 20:02:31
(3 weeks ago)
/vendor/phpunit/phpunit/src/Util/PHP/
Web App Attack
Anonymous
2024-08-23 08:19:24
(3 weeks ago)
wordpress-trap
Web App Attack
Savvii
2024-08-23 02:24:01
(3 weeks ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-22 18:59:23
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 14:59:19.454937 2024] [security2:error] [pid 2555:tid 2555] [client 128.199.208.160:54562] [client 128.199.208.160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "francesphilosophy.com"] [uri "/wp-config.php"] [unique_id "ZseKhwSMTqnBXrTewOgWuQAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-22 14:56:31
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 10:56:25.299521 2024] [security2:error] [pid 19875:tid 19875] [client 128.199.208.160:51956] [client 128.199.208.160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "merrilymovie.com"] [uri "/wp-config.php"] [unique_id "ZsdRmVxD_fpUuDtoaoD-bwAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-22 08:31:56
(3 weeks ago)
wordpress-trap
Web App Attack
TPI-Abuse
2024-08-21 22:03:37
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 21 18:03:32.916508 2024] [security2:error] [pid 26190:tid 26190] [client 128.199.208.160:60884] [client 128.199.208.160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "al-hafeeztrust.al-bukhari.org"] [uri "/wp-config.php"] [unique_id "ZsZkNCGXndRoSwyT4o-lQwAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-21 19:49:38
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 128.199.208.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 21 15:49:31.007093 2024] [security2:error] [pid 22786:tid 22786] [client 128.199.208.160:58065] [client 128.199.208.160] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bradleybarefoot.com"] [uri "/wp-config.php"] [unique_id "ZsZEy5WYPNIFDsbbImhR3gAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-21 13:03:26
(3 weeks ago)
128.199.208.160 - - [21/Aug/2024:15:01:48 +0200] "GET /wp-content/plugins/classic-editor/wp-login.ph ... show more 128.199.208.160 - - [21/Aug/2024:15:01:48 +0200] "GET /wp-content/plugins/classic-editor/wp-login.php HTTP/1.1" 302 628 "-" "fasthttp"
128.199.208.160 - - [21/Aug/2024:15:02:07 +0200] "GET /wp-login.php HTTP/1.1" 302 628 "-" "fasthttp"
128.199.208.160 - - [21/Aug/2024:15:02:15 +0200] "GET /xmlrpc.php HTTP/1.1" 302 628 "-" "fasthttp"
128.199.208.160 - - [21/Aug/2024:15:02:20 +0200] "GET /.well-known/pki-validation/wp-login.php HTTP/1.1" 200 2911 "-" "fasthttp"
128.199.208.160 - - [21/Aug/2024:15:02:23 +0200] "GET /.well-known/acme-challenge/wp-login.php HTTP/1.1" 200 2911 "-" "fasthttp"
128.199.208.160 - - [21/Aug/2024:15:03:24 +0200] "GET /wp-includes/IXR/wp-login.php HTTP/1.1" 302 628 "-" "fasthttp"
128.199.208.160 - - [21/Aug/2024:15:03:25 +0200] "GET /wp-includes/ID3/wp-login.php HTTP/1.1" 302 628 "-" "fasthttp"
... show less
Brute-Force
Anonymous
2024-08-20 12:55:06
(3 weeks ago)
Trawling for OpenSource CMS components
Hacking
Brute-Force
Savvii
2024-08-20 02:22:26
(3 weeks ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
Mediashaker
2024-08-19 21:14:45
(3 weeks ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 128.199.208.160 (SG/Sing ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 128.199.208.160 (SG/Singapore/-) show less
Port Scan