URAN Publishing Service
2024-08-11 00:41:33
(1 month ago)
134.209.105.214 - - [11/Aug/2024:03:41:30 +0300] "GET /wp-content/plugins/classic-editor/wp-login.ph ... show more 134.209.105.214 - - [11/Aug/2024:03:41:30 +0300] "GET /wp-content/plugins/classic-editor/wp-login.php HTTP/1.1" 404 275 "-" "fasthttp"
134.209.105.214 - - [11/Aug/2024:03:41:33 +0300] "GET /cgi-bin/iR7SzrsOUEP.php HTTP/1.1" 404 438 "-" "fasthttp"
... show less
Web App Attack
TPI-Abuse
2024-08-10 22:57:40
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 18:57:34.212926 2024] [security2:error] [pid 28529:tid 28529] [client 134.209.105.214:56249] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "screenplaycoverage.skylercaleb.com"] [uri "/wp-config.php"] [unique_id "ZrfwXrZbLGoxU8FiGtK1pgAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-10 18:18:20
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 14:18:16.137887 2024] [security2:error] [pid 24894:tid 24894] [client 134.209.105.214:58644] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "groupof12.com"] [uri "/wp-config.php"] [unique_id "Zreu6HKlGssplkzv7LZonAAAABo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-10 15:31:41
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 11:31:36.480065 2024] [security2:error] [pid 3016:tid 3016] [client 134.209.105.214:53179] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "interracialpornotgp.com.gorillalinks.com"] [uri "/wp-config.php"] [unique_id "ZreH2PhW2E0_S03M8LS7CwAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-10 15:13:27
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 11:13:21.348702 2024] [security2:error] [pid 27045:tid 27045] [client 134.209.105.214:52062] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fakelands.com"] [uri "/wp-config.php"] [unique_id "ZreDkTUE2XW88e60e_yXkwAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-10 07:07:07
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 03:07:01.261196 2024] [security2:error] [pid 7113:tid 7113] [client 134.209.105.214:63349] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "talamancareserve.com"] [uri "/wp-config.php"] [unique_id "ZrcRlQQwmxKKTOfLr3LC6AAAAB4"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-08-10 06:09:08
(1 month ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
Evag Touf
2024-08-10 02:14:57
(1 month ago)
(mod_security) mod_security triggered on hostname [redacted] 134.209.105.214 (SG/Singapore/-): (CF_ ... show more (mod_security) mod_security triggered on hostname [redacted] 134.209.105.214 (SG/Singapore/-): (CF_ENABLE) show less
SQL Injection
TPI-Abuse
2024-08-09 21:59:00
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 17:58:54.327173 2024] [security2:error] [pid 4181749:tid 4181788] [client 134.209.105.214:53193] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidholls.com"] [uri "/wp-config.php"] [unique_id "ZraRHg584GBssgUokigsLQAAARU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-09 17:13:00
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 13:12:55.129146 2024] [security2:error] [pid 3156264:tid 3156264] [client 134.209.105.214:60590] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cindymillerphotos.com.zermattstudios.com"] [uri "/wp-config.php"] [unique_id "ZrZOFyEZUFhobNXrw8x-UgAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-09 10:16:14
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 06:16:10.204704 2024] [security2:error] [pid 23205:tid 23205] [client 134.209.105.214:56232] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dc406.org"] [uri "/wp-config.php"] [unique_id "ZrXsar9A7IOhvgVXCntgnQAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-08-08 14:46:52
(1 month ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
updown.io
2024-08-08 09:42:23
(1 month ago)
{"level":"info","ts":1723110126.9542406,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1723110126.9542406,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"134.209.105.214","remote_port":"50316","proto":"HTTP/1.1","method":"GET","host":"tx9t.status.updown.io","uri":"/.well-known/about.php","headers":{"User-Agent":["fasthttp"]}},"user_id":"","duration":0.000051698,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://tx9t.status.updown.io/.well-known/about.php"],"Content-Type":[]}}
{"level":"info","ts":1723110127.1101317,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"134.209.105.214","remote_port":"50333","proto":"HTTP/1.1","method":"GET","host":"tx9t.status.updown.io","uri":"/vendor/phpunit/phpunit/src/Util/PHP/","headers":{"User-Agent":["fasthttp"]}},"user_id":"","duration":0.000053131,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://tx9t.status.updown.io/vendor/phpunit/phpunit/src/Util/PHP
... show less
DDoS Attack
Web App Attack
Anonymous
2024-08-07 02:43:50
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-08-06 07:48:49
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 134.209.105.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 06 03:48:45.234273 2024] [security2:error] [pid 32345:tid 32345] [client 134.209.105.214:64286] [client 134.209.105.214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adcommdigitel.cathrynn.com"] [uri "/wp-config.php"] [unique_id "ZrHVXTHP3L4fYdoBV3lEcAAAAB0"] show less
Brute-Force
Bad Web Bot
Web App Attack