Anonymous
2025-04-25 06:27:43
(1 year ago)
Aggressive web scan
Web App Attack
Anonymous
2025-04-25 00:30:00
(1 year ago)
Multiple unauthorized attempt to access to non-existent path
Web App Attack
๐ฎ๐น
IRT@Unisi
2025-04-24 11:53:16
(1 year ago)
Multiple web server 400 error codes from same source ip.
Web App Attack
๐ง๐ช
voormedia
2025-04-24 07:53:03
(1 year ago)
Accessed trap at '/phpinfo.php'
Web App Attack
Anonymous
2025-04-24 03:12:43
(1 year ago)
Aggressive web scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-24 00:06:28
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 152.42.226.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 152.42.226.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 23 20:06:20.347152 2025] [security2:error] [pid 28555:tid 28555] [client 152.42.226.224:55978] [client 152.42.226.224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manaplas.com"] [uri "/wp-config.php_"] [unique_id "aAmAfNqUwmdlJqWrjsOVPwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2025-04-23 18:38:08
(1 year ago)
15 attempts against mh-modsecurity-ban on neon
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-23 15:28:32
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 152.42.226.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 152.42.226.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 23 11:28:24.407668 2025] [security2:error] [pid 28475:tid 28475] [client 152.42.226.224:51222] [client 152.42.226.224] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.colorwize.com"] [uri "/wp-config.php_"] [unique_id "aAkHGMsd7l9pO01KBQOMZQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
masterguru
2025-04-23 03:13:26
(1 year ago)
. Matched phrase "wp-config.php" at REQUEST_URI. (210492-124)
Web App Attack
๐ช๐ธ
el-brujo
2025-04-23 02:52:07
(1 year ago)
Cloudflare WAF: Request Path: /sftp-config.json Request Query: Host: warzone.elhacker.net userAgent ...
show more
Cloudflare WAF: Request Path: /sftp-config.json Request Query: Host: warzone.elhacker.net userAgent: Mozilla/5.0 (Linux; U; Android 4.4.2; en-us; LGMS323 Build/KOT49I.MS32310c) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/30.0.1599.103 Mobile Safari/537.36 Action: block Source: firewallManaged ASN Description: DIGITALOCEAN-ASN Country: SG Method: GET Timestamp: 2025-04-23T02:52:07Z ruleId: c2a2f414a67c409f90cccb6c5bba0215. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB).
show less
Hacking
SQL Injection
Web App Attack
๐ง๐ช
voormedia
2025-04-22 18:42:13
(1 year ago)
Accessed trap at '/phpinfo.php'
Web App Attack
๐ฎ๐ช
valeon
2025-04-22 16:22:56
(1 year ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
snappic
2025-04-22 14:58:18
(1 year ago)
Malicious URI path [GET /_wpeprivate/config.json] [Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; ...
show more
Malicious URI path [GET /_wpeprivate/config.json] [Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; yie10; rv:11.0) like Gecko]
show less
Bad Web Bot
Web App Attack
Anonymous
2025-04-22 06:27:44
(1 year ago)
Aggressive web scan
Web App Attack
๐ฉ๐ช
updown.io
2025-04-21 21:41:08
(1 year ago)
{"level":"info","ts":1745271646.0010052,"logger":"http.log.access.log1","msg":"handled request","req ...
show more
{"level":"info","ts":1745271646.0010052,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"152.42.226.224","remote_port":"64436","client_ip":"152.42.226.224","proto":"HTTP/1.1","method":"GET","host":"wwwbababa.tekaccess.yegobox161.35.139.3gpr8.status.updown.io","uri":"/_wpeprivate/config.json","headers":{"User-Agent":["Mozilla/5.0 (Linux; Android 4.4.4; en-us; SAMSUNG SM-N910T Build/KTU84P) AppleWebKit/537.36 (KHTML, like Gecko) Version/2.0 Chrome/34.0.1847.76 Mobile Safari/537.36"],"Accept-Encoding":["gzip, deflate"],"Accept":["*/*"],"Connection":["keep-alive"]}},"bytes_read":0,"user_id":"","duration":0.000045758,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://wwwbababa.tekaccess.yegobox161.35.139.3gpr8.status.updown.io/_wpeprivate/config.json"],"Content-Type":[]}}
{"level":"info","ts":1745271646.6313589,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"152.42.226.224","remo
...
show less
DDoS Attack
Web App Attack