TPI-Abuse
2024-08-21 00:47:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.37.32.164 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.37.32.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 20 20:47:27.019201 2024] [security2:error] [pid 10825:tid 10843] [client 193.37.32.164:2533] [client 193.37.32.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.alancphotography.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "ZsU5H6Onw0DJfIT5W1KszQAAAAo"], referer: http://alancphotography.com/wp-content/plugins/wp-config.php show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-20 22:02:57
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.37.32.164 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.37.32.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 20 18:02:50.356966 2024] [security2:error] [pid 14117:tid 14117] [client 193.37.32.164:41869] [client 193.37.32.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sharonmauldin.com"] [uri "/wp-config.php"] [unique_id "ZsUSijIsXK-2o0DXFQ31hAAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
uhlhosting
2024-08-19 15:20:08
(1 month ago)
garage-allstars.ch 193.37.32.164 - - [19/Aug/2024:17:01:34.493936 +0200] "GET /wp-content/plugins/in ... show more garage-allstars.ch 193.37.32.164 - - [19/Aug/2024:17:01:34.493936 +0200] "GET /wp-content/plugins/index.php HTTP/1.1" 403 199 "-" "-" ZsNeTqkf4SO2wbar0n0tuAAAAEo "-" /apache/20240819/20240819-1701/20240819-170134-ZsNeTqkf4SO2wbar0n0tuAAAAEo 0 1799 md5:4f9fe807f517a26dd5efa70b0f1299c7
garage-allstars.ch 193.37.32.164 - - [19/Aug/2024:17:20:06.979276 +0200] "GET /cgi-bin/wp-2019.php HTTP/1.1" 403 199 "-" "-" ZsNipqkf4SO2wbar0n0vIgAAAEs "-" /apache/20240819/20240819-1720/20240819-172006-ZsNipqkf4SO2wbar0n0vIgAAAEs 0 1687 md5:b71c69bab4da7436ca11af0c03a2cf98
garage-allstars.ch 193.37.32.164 - - [19/Aug/2024:17:20:07.529460 +0200] "GET /wp-content/ice.php HTTP/1.1" 403 199 "-" "-" ZsNip6kf4SO2wbar0n0vIwAAAEk "-" /apache/20240819/20240819-1720/20240819-172007-ZsNip6kf4SO2wbar0n0vIwAAAEk 0 1682 md5:5ad95fb722ab6d89047c6ad81d7dddc2
garage-allstars.ch 193.37.32.164 - - [19/Aug/2024:17:20:07.834495 +0200] "GET /wp-content/masshp.php HTTP/1.1" 403 199 "-" "-" ZsNip6kf4SO2wbar0n0vJAAAAEc "-" /a
... show less
DDoS Attack
Brute-Force
Anonymous
2024-08-19 03:29:51
(1 month ago)
wordpress-trap
Web App Attack
Anonymous
2024-08-18 17:46:04
(1 month ago)
Domain : genoatek.pt
Rule : xmlrpc
2024-08-18 17:44:53 38.242.219.191 GET /xmlrpc.php rs ... show more Domain : genoatek.pt
Rule : xmlrpc
2024-08-18 17:44:53 38.242.219.191 GET /xmlrpc.php rsd 80 - 193.37.32.164 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 - genoatek.pt 404 0 2 1436 329 524 - - show less
Web App Attack
Anonymous
2024-08-18 14:19:49
(1 month ago)
wordpress-trap
Web App Attack
Anonymous
2024-08-17 17:41:39
(1 month ago)
wordpress-trap
Web App Attack
URAN Publishing Service
2024-08-17 13:44:41
(1 month ago)
193.37.32.164 - - [17/Aug/2024:16:43:46 +0300] "GET /wp-content/radio.php HTTP/1.1" 404 273 "-" "Go- ... show more 193.37.32.164 - - [17/Aug/2024:16:43:46 +0300] "GET /wp-content/radio.php HTTP/1.1" 404 273 "-" "Go-http-client/1.1"
193.37.32.164 - - [17/Aug/2024:16:44:38 +0300] "GET /wp-admin/js/about.php HTTP/1.1" 404 273 "-" "Go-http-client/1.1"
... show less
Web App Attack
TPI-Abuse
2024-08-17 07:59:18
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.37.32.164 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.37.32.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 17 03:59:12.842650 2024] [security2:error] [pid 21138:tid 21138] [client 193.37.32.164:47941] [client 193.37.32.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "genesis-one.com"] [uri "/.env"] [unique_id "ZsBYUGj_r72othjdu_j-wgAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-17 01:40:41
(1 month ago)
wordpress-trap
Web App Attack
zynex
2024-08-17 01:22:26
(1 month ago)
URL Probing: /wp-includes/sodium_compat/src/Core/Curve25519/Ge/network.php
Web App Attack
Gem
2024-08-16 22:04:06
(1 month ago)
Unauthorized web scan.
Web App Attack
iNetWorker
2024-08-16 17:33:19
(1 month ago)
trolling for resource vulnerabilities
Web App Attack
Anonymous
2024-08-16 11:52:56
(1 month ago)
wordpress-trap
Web App Attack
Anonymous
2024-08-16 06:43:41
(1 month ago)
wordpress-trap
Web App Attack