Anonymous
2025-01-10 17:57:12
(1 week ago)
wordpress-trap
Web App Attack
URAN Publishing Service
2025-01-08 19:05:51
(2 weeks ago)
193.176.211.103 - - [08/Jan/2025:21:05:20 +0200] "GET /wp-content/plugins/WordPressCore/include.php ... show more 193.176.211.103 - - [08/Jan/2025:21:05:20 +0200] "GET /wp-content/plugins/WordPressCore/include.php HTTP/1.1" 404 272 "-" "Go-http-client/1.1"
193.176.211.103 - - [08/Jan/2025:21:05:51 +0200] "GET /wp-content/admin.php HTTP/1.1" 404 272 "-" "Go-http-client/1.1"
... show less
Web App Attack
MAGIC
2024-12-19 18:01:01
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
tecnicorioja
2024-12-18 23:01:05
(1 month ago)
(Mod_security) [18/Dec/2024:15:16:22.650095
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-18 14:39:10
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.176.211.103 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 193.176.211.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 18 09:39:04.312342 2024] [security2:error] [pid 14767:tid 14767] [client 193.176.211.103:44461] [client 193.176.211.103] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dvdmasters.com"] [uri "/wp-admin/admin-post.php"] [unique_id "Z2LeiE1uJJx2P0FbdpaW2AAAACU"] show less
Brute-Force
Bad Web Bot
Web App Attack
MSZ
2024-12-17 12:00:16
(1 month ago)
Blocked by Fail2Ban (plesk-modsecurity)
Hacking
Brute-Force
Web App Attack
MSZ
2024-12-17 11:32:03
(1 month ago)
Blocked by Fail2Ban (plesk-apache)
Hacking
Brute-Force
Web App Attack
london2038.com
2024-12-16 01:37:40
(1 month ago)
Attacking WordPress
193.176.211.103 - - [16/Dec/2024:02:37:37 +0100] "POST /wp-content/plugins ... show more Attacking WordPress
193.176.211.103 - - [16/Dec/2024:02:37:37 +0100] "POST /wp-content/plugins/seo-local-rank/admin/vendor/datatables/examples/resources/examples.php HTTP/1.1" 403 17026 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0" show less
Brute-Force
Web App Attack
Anonymous
2024-12-15 20:40:07
(1 month ago)
| SQL injection attempt.
Hacking
SQL Injection
Web App Attack
psauxit
2024-12-15 06:53:28
(1 month ago)
Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ... show more Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping show less
Hacking
Web App Attack
octageeks.com
2024-12-12 05:07:48
(1 month ago)
Wordpress malicious attack:[octablocked]
Web App Attack
mnsf
2024-12-11 12:05:20
(1 month ago)
Request Overload (138)
Brute-Force
Web App Attack
URAN Publishing Service
2024-12-11 08:20:11
(1 month ago)
193.176.211.103 - - [11/Dec/2024:10:18:55 +0200] "GET /wp-admin/maint/go.php HTTP/1.1" 404 280 "-" " ... show more 193.176.211.103 - - [11/Dec/2024:10:18:55 +0200] "GET /wp-admin/maint/go.php HTTP/1.1" 404 280 "-" "Go-http-client/1.1"
193.176.211.103 - - [11/Dec/2024:10:20:10 +0200] "GET /wp-includes/customize/about.php HTTP/1.1" 404 280 "-" "Go-http-client/1.1"
... show less
Web App Attack
Anonymous
2024-12-11 05:49:41
(1 month ago)
Malicious activity detected
Hacking
Web App Attack
TPI-Abuse
2024-12-11 03:37:48
(1 month ago)
(mod_security) mod_security (id:210580) triggered by 193.176.211.103 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210580) triggered by 193.176.211.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 10 22:37:42.289639 2024] [security2:error] [pid 17975:tid 17975] [client 193.176.211.103:30739] [client 193.176.211.103] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:file. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||www.kandocopies.com|F|2"] [data "Matched Data: etc/passwd found within ARGS:file: ../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.kandocopies.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Z1kJBg0KGZ9Gz0JaV06CyQAAABw"] show less
Brute-Force
Bad Web Bot
Web App Attack