Anonymous
2024-01-04 02:16:35
(1 year ago)
WordPress admin/config access attempt:
173.239.211.130 - - [04/Jan/2024:02:16:35 +0000] "GET ... show more WordPress admin/config access attempt:
173.239.211.130 - - [04/Jan/2024:02:16:35 +0000] "GET /wp-admin/setup-config.php HTTP/1.1" 200 234 "http://richardgoodwin.net//wp-admin/setup-config.php" "Go-http-client/1.1" show less
Hacking
Web App Attack
nv
2024-01-01 16:44:02
(1 year ago)
173.239.211.130 - - [01/Jan/2024:17:44:01 +0100] "GET /cbd-und-sport/ HTTP/2.0" 200 56125 "https://w ... show more 173.239.211.130 - - [01/Jan/2024:17:44:01 +0100] "GET /cbd-und-sport/ HTTP/2.0" 200 56125 "https://www.der-goldene-hanf.com//shell.php" "Go-http-client/2.0" show less
Web App Attack
Rizzy
2023-12-30 12:28:44
(1 year ago)
Multiple WAF Violations
Brute-Force
Web App Attack
beruys.com
2023-12-30 02:38:02
(1 year ago)
[Sat Dec 30 03:38:00.249139 2023] [proxy_fcgi:error] [pid 2927172:tid 140475545671424] [client 173.2 ... show more [Sat Dec 30 03:38:00.249139 2023] [proxy_fcgi:error] [pid 2927172:tid 140475545671424] [client 173.239.211.130:32729] AH01071: Got error 'Primary script unknown', referer: http://beruys.com//themes.php
[Sat Dec 30 03:38:00.618388 2023] [proxy_fcgi:error] [pid 2927172:tid 140475537278720] [client 173.239.211.130:32729] AH01071: Got error 'Primary script unknown', referer: http://beruys.com//about.php
[Sat Dec 30 03:38:01.732607 2023] [proxy_fcgi:error] [pid 2927172:tid 140476717692672] [client 173.239.211.130:32729] AH01071: Got error 'Primary script unknown', referer: http://beruys.com//byp.php
... show less
DDoS Attack
SSH
paulshipley.com.au
2023-12-29 22:18:41
(1 year ago)
mareeshefford.com:443 173.239.211.130 - - [30/Dec/2023:09:18:12 +1100] "GET /cp.php HTTP/1.1" 404 40 ... show more mareeshefford.com:443 173.239.211.130 - - [30/Dec/2023:09:18:12 +1100] "GET /cp.php HTTP/1.1" 404 40646 "http://mareeshefford.com//cp.php" "Go-http-client/1.1"
mareeshefford.com:443 173.239.211.130 - - [30/Dec/2023:09:18:15 +1100] "GET /marijuana.php HTTP/1.1" 404 35514 "http://mareeshefford.com//marijuana.php" "Go-http-client/1.1"
mareeshefford.com:443 173.239.211.130 - - [30/Dec/2023:09:18:17 +1100] "GET /clen.php HTTP/1.1" 404 35514 "http://mareeshefford.com//clen.php" "Go-http-client/1.1"
mareeshefford.com:443 173.239.211.130 - - [30/Dec/2023:09:18:19 +1100] "GET /mad.php HTTP/1.1" 404 35514 "http://mareeshefford.com//mad.php" "Go-http-client/1.1"
mareeshefford.com:443 173.239.211.130 - - [30/Dec/2023:09:18:22 +1100] "GET /wp-includes/wp-class.php HTTP/1.1" 404 35514 "http://mareeshefford.com//wp-includes/wp-class.php" "Go-http-client/1.1"
mareeshefford.com:443 173.239.211.130 - - [30/Dec/2023:09:18:28 +1100] "GET /wp-content/plugins/ccx/ HTTP/1.1" 404 35414 "https://mareeshefford.
... show less
Web App Attack
etu brutus
2023-12-28 00:09:22
(1 year ago)
173.239.211.130 has been banned for [Control Panel abuse]
...
Hacking
Brute-Force
ghostwarriors
2023-12-25 10:20:23
(1 year ago)
Attempts against non-existent wp-login
Brute-Force
Web App Attack
LTM
2023-12-25 07:20:01
(1 year ago)
WebServer - Attempts to exploit
Hacking
Brute-Force
Web App Attack
paulshipley.com.au
2023-12-24 08:41:44
(1 year ago)
iaki.com.au:443 173.239.211.130 - - [24/Dec/2023:19:41:19 +1100] "GET /themes.php HTTP/1.1" 404 5335 ... show more iaki.com.au:443 173.239.211.130 - - [24/Dec/2023:19:41:19 +1100] "GET /themes.php HTTP/1.1" 404 53353 "http://iaki.com.au//themes.php" "Go-http-client/1.1"
iaki.com.au:443 173.239.211.130 - - [24/Dec/2023:19:41:21 +1100] "GET /about.php HTTP/1.1" 404 47940 "http://iaki.com.au//about.php" "Go-http-client/1.1"
iaki.com.au:443 173.239.211.130 - - [24/Dec/2023:19:41:24 +1100] "GET /wp-admin/css/colors/blue/CasperExV1.php HTTP/1.1" 404 47940 "http://iaki.com.au//wp-admin/css/colors/blue/CasperExV1.php" "Go-http-client/1.1"
iaki.com.au:443 173.239.211.130 - - [24/Dec/2023:19:41:27 +1100] "GET /byp.php HTTP/1.1" 404 47940 "http://iaki.com.au//byp.php" "Go-http-client/1.1"
iaki.com.au:443 173.239.211.130 - - [24/Dec/2023:19:41:30 +1100] "GET /edit-comments.php HTTP/1.1" 404 47946 "http://iaki.com.au//edit-comments.php" "Go-http-client/1.1"
iaki.com.au:443 173.239.211.130 - - [24/Dec/2023:19:41:32 +1100] "GET /smm.php HTTP/1.1" 404 47946 "http://iaki.com.au//smm.php" "Go-http-client/1.1"
iaki.c
... show less
Web App Attack
Carsten
2023-12-24 04:56:22
(1 year ago)
GET [wp-admin/users.php]
Port Scan
iNetWorker
2023-12-24 04:54:14
(1 year ago)
trolling for resource vulnerabilities
Web App Attack
conseilgouz
2023-12-24 02:08:33
(1 year ago)
lae-7 : Trying access unauthorized files/dir=>//wp-admin/user/moon.php
Hacking
Justmee
2023-12-23 23:41:26
(1 year ago)
Dec 23 16:41:23 server1 kernel: [8416467.923076] IPTABLES: IN=eth0 OUT= MAC=00:22:19:d7:2c:94:04:42: ... show more Dec 23 16:41:23 server1 kernel: [8416467.923076] IPTABLES: IN=eth0 OUT= MAC=00:22:19:d7:2c:94:04:42:1a:61:50:d8:08:00 SRC=173.239.211.130 DST=192.168.100.3 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=3147 DF PROTO=TCP SPT=54179 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Dec 23 16:41:24 server1 kernel: [8416468.929584] IPTABLES: IN=eth0 OUT= MAC=00:22:19:d7:2c:94:04:42:1a:61:50:d8:08:00 SRC=173.239.211.130 DST=192.168.100.3 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=3148 DF PROTO=TCP SPT=54179 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Dec 23 16:41:26 server1 kernel: [8416470.945552] IPTABLES: IN=eth0 OUT= MAC=00:22:19:d7:2c:94:04:42:1a:61:50:d8:08:00 SRC=173.239.211.130 DST=192.168.100.3 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=3149 DF PROTO=TCP SPT=54179 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
... show less
Hacking
Brute-Force
Sklurk
2023-12-23 23:34:11
(1 year ago)
Web App Attack
Web App Attack
zynex
2023-12-23 22:35:54
(1 year ago)
URL Probing: /themes.php
Web App Attack