๐ธ๐ฌ
Cloudkul Cloudkul
2025-04-10 05:40:06
(1 year ago)
Attempted Brute Force on our application
Brute-Force
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2025-04-10 05:13:37
(1 year ago)
13 attacks on Alfa URLs:
GET /wp-includes/ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1
Hacking
๐ซ๐ฎ
paissangroup
2025-04-10 04:29:11
(1 year ago)
Multiple WAF Violations
Web App Attack
๐ฌ๐ง
Spidrweb.co.uk
2025-04-10 03:17:27
(1 year ago)
Brute-Force WordPress attack
Web App Attack
๐จ๐ฆ
Mediashaker
2025-04-10 03:15:15
(1 year ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 168.61.144.138 (US/Unite ...
show more
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 168.61.144.138 (US/United States/-)
show less
Port Scan
๐ฉ๐ช
LRob
2025-04-10 03:00:10
(1 year ago)
Repeated 403 errors, blocked by Fail2ban in custom-403 jail
Bad Web Bot
Anonymous
2025-04-10 02:13:17
(1 year ago)
Fail2Ban: IP flagged for web exploits and DDoS attack attempts (Categories 4, 21).
DDoS Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-10 01:12:08
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 168.61.144.138 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 168.61.144.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 21:12:00.550535 2025] [security2:error] [pid 22059:tid 22059] [client 168.61.144.138:1515] [client 168.61.144.138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "shieldsenterprises.com"] [uri "/wp-includes/css/wp-config.php"] [unique_id "Z_ca4Iu1T7KNOZBPEV25BwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
robotstxt
2025-04-10 00:32:12
(1 year ago)
168.61.144.138 - - [10/Apr/2025:00:24:36 +0000] "GET /mailer.php HTTP/1.1" 404 150376 "-" rt="0.851" ...
show more
168.61.144.138 - - [10/Apr/2025:00:24:36 +0000] "GET /mailer.php HTTP/1.1" 404 150376 "-" rt="0.851" "-" "-" h="www.cool-dreams.com" sn="www.cool-dreams.com" ru="/mailer.php" u="/index.php" ucs="-" ua="unix:/var/run/php/cooldreams82.sock" us="404" uct="0.000" urt="0.850"
168.61.144.138 - - [10/Apr/2025:00:24:36 +0000] "GET /mailer.php HTTP/1.1" 404 150376 "-" "-" "-"
168.61.144.138 - - [10/Apr/2025:00:25:29 +0000] "GET /wp-admin.php HTTP/1.1" 404 150382 "-" rt="0.828" "-" "-" h="www.cool-dreams.com" sn="www.cool-dreams.com" ru="/wp-admin.php" u="/index.php" ucs="-" ua="unix:/var/run/php/cooldreams82.sock" us="404" uct="0.000" urt="0.828"
168.61.144.138 - - [10/Apr/2025:00:25:29 +0000] "GET /wp-admin.php HTTP/1.1" 404 150382 "-" "-" "-"
168.61.144.138 - - [10/Apr/2025:00:31:21 +0000] "GET /mailer1.php HTTP/1.1" 404 150379 "-" rt="0.814" "-" "-" h="www.cool-dreams.com" sn="www.cool-dreams.com" ru="/mailer1.php" u="/index.php" ucs="-" ua="unix:/var/run/php/cooldreams82.sock" us="404" uct=
...
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-04-09 22:23:15
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 168.61.144.138 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 168.61.144.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 18:23:08.490815 2025] [security2:error] [pid 29851:tid 29860] [client 168.61.144.138:2821] [client 168.61.144.138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.thesdgriffingroup.com"] [uri "/wp-includes/css/wp-config.php"] [unique_id "Z_bzTJhrd-Ry5wq2pE-5QAAAAIc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2025-04-09 21:06:58
(1 year ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2025-04-09 20:20:10
(1 year ago)
1459 limiting connections by zone (12m59s)
DDoS Attack
๐ช๐ธ
robotstxt
2025-04-09 20:11:38
(1 year ago)
168.61.144.138 - - [09/Apr/2025:20:06:04 +0000] "GET /mailer.php HTTP/1.1" 404 40077 "-" rt="1.002" ...
show more
168.61.144.138 - - [09/Apr/2025:20:06:04 +0000] "GET /mailer.php HTTP/1.1" 404 40077 "-" rt="1.002" "-" "-" h="agrogreensudoe.org" sn="agrogreensudoe.org" ru="/mailer.php" u="/index.php" ucs="-" ua="unix:/var/run/php/agrogreensudoe82.sock" us="404" uct="0.000" urt="1.002"
168.61.144.138 - - [09/Apr/2025:20:06:04 +0000] "GET /mailer.php HTTP/1.1" 404 40077 "-" "-" "-"
168.61.144.138 - - [09/Apr/2025:20:06:42 +0000] "GET /wp-admin.php HTTP/1.1" 404 40077 "-" rt="0.382" "-" "-" h="agrogreensudoe.org" sn="agrogreensudoe.org" ru="/wp-admin.php" u="/index.php" ucs="-" ua="unix:/var/run/php/agrogreensudoe82.sock" us="404" uct="0.000" urt="0.381"
168.61.144.138 - - [09/Apr/2025:20:06:42 +0000] "GET /wp-admin.php HTTP/1.1" 404 40077 "-" "-" "-"
168.61.144.138 - - [09/Apr/2025:20:11:14 +0000] "GET /mailer1.php HTTP/1.1" 404 40077 "-" rt="0.546" "-" "-" h="agrogreensudoe.org" sn="agrogreensudoe.org" ru="/mailer1.php" u="/index.php" ucs="-" ua="unix:/var/run/php/agrogreensudoe82.sock" us="404" uct
...
show less
Bad Web Bot
๐บ๐ธ
SleepyHosting
2023-01-19 14:43:59
(3 years ago)
(mod_security) mod_security (id:400010) triggered by 168.61.144.138 (US/United States/-): 5 in the l ...
show more
(mod_security) mod_security (id:400010) triggered by 168.61.144.138 (US/United States/-): 5 in the last 3600 secs
show less
Brute-Force
๐ต๐ญ
Nan Ngadan Ko
2023-01-15 21:14:51
(3 years ago)
unauthenticated action
Hacking