Anonymous
2024-08-25 07:31:30
(4 months ago)
wordpress-trap
Web App Attack
TPI-Abuse
2024-08-25 07:04:10
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 193.36.225.201 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 193.36.225.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 25 03:04:02.513210 2024] [security2:error] [pid 14139:tid 14139] [client 193.36.225.201:17023] [client 193.36.225.201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "liftreading.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "ZsrXYsZmOL80r2GQ6i00UAAAACk"] show less
Brute-Force
Bad Web Bot
Web App Attack
mickael137
2024-08-25 03:55:36
(4 months ago)
193.36.225.201 - - [25/Aug/2024:05:55:34 +0200] "GET /wp-content/plugins/ubh/up.php HTTP/1.1" 404 14 ... show more 193.36.225.201 - - [25/Aug/2024:05:55:34 +0200] "GET /wp-content/plugins/ubh/up.php HTTP/1.1" 404 146 "-" "Go-http-client/1.1" "-" "micled.net"
193.36.225.201 - - [25/Aug/2024:05:55:34 +0200] "GET /wp-login.php HTTP/1.1" 404 146 "-" "Go-http-client/1.1" "-" "micled.net"
193.36.225.201 - - [25/Aug/2024:05:55:34 +0200] "GET /wp-blog-header.php HTTP/1.1" 404 146 "-" "Go-http-client/1.1" "-" "micled.net"
193.36.225.201 - - [25/Aug/2024:05:55:35 +0200] "GET /version.php HTTP/1.1" 404 146 "-" "Go-http-client/1.1" "-" "micled.net"
193.36.225.201 - - [25/Aug/2024:05:55:35 +0200] "GET /mariju.php HTTP/1.1" 404 146 "-" "Go-http-client/1.1" "-" "micled.net"
193.36.225.201 - - [25/Aug/2024:05:55:35 +0200] "GET /ss.php HTTP/1.1" 404 146 "-" "Go-http-client/1.1" "-" "micled.net" show less
Brute-Force
URAN Publishing Service
2024-07-17 14:21:14
(6 months ago)
193.36.225.201 - - [17/Jul/2024:17:21:13 +0300] "GET /wp-admin/css/colors/blue/blue.php HTTP/1.1" 40 ... show more 193.36.225.201 - - [17/Jul/2024:17:21:13 +0300] "GET /wp-admin/css/colors/blue/blue.php HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36"
... show less
Web App Attack
URAN Publishing Service
2024-07-17 04:23:19
(6 months ago)
193.36.225.201 - - [17/Jul/2024:07:23:10 +0300] "GET /wp-content/themes/ HTTP/1.1" 404 277 "-" "Mozi ... show more 193.36.225.201 - - [17/Jul/2024:07:23:10 +0300] "GET /wp-content/themes/ HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36"
193.36.225.201 - - [17/Jul/2024:07:23:18 +0300] "GET /wp-includes/Requests/ HTTP/1.1" 404 277 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
... show less
Web App Attack
Swiptly
2024-06-16 19:47:16
(7 months ago)
WordPress xmlrpc spam or enumeration
...
Web Spam
Web Spam
Bad Web Bot
Bad Web Bot
Web App Attack
Web App Attack
URAN Publishing Service
2024-06-09 09:32:40
(7 months ago)
193.36.225.201 - - [09/Jun/2024:12:32:11 +0300] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 27 ... show more 193.36.225.201 - - [09/Jun/2024:12:32:11 +0300] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 272 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0"
193.36.225.201 - - [09/Jun/2024:12:32:38 +0300] "GET /wp-content/wp-cron.php?ac=3 HTTP/1.1" 404 272 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko"
... show less
Web App Attack
Anonymous
2024-06-06 05:04:17
(7 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-06-05 00:39:18
(7 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-06-02 03:30:45
(7 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-05-29 04:23:24
(7 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-05-25 00:07:00
(7 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Thaliruth
2024-05-03 15:40:12
(8 months ago)
193.36.225.201 - - [03/May/2024:17:40:11 +0200] "GET /.well-known/pki-validation/about.php HTTP/1.1" ... show more 193.36.225.201 - - [03/May/2024:17:40:11 +0200] "GET /.well-known/pki-validation/about.php HTTP/1.1" 301 162 "-" "Go-http-client/1.1"
... show less
Bad Web Bot
10dencehispahard SL
2024-04-14 00:14:39
(9 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
Anonymous
2024-03-05 11:10:24
(10 months ago)
Malicious activity detected
Trawling for 3rd-party CMS installations
Hacking
Brute-Force
Web App Attack