Anonymous
2024-08-15 04:26:22
(1 month ago)
wordpress-trap
Web App Attack
zynex
2024-08-12 11:25:40
(1 month ago)
URL Probing: /wp-admin/network/editor.php
Web App Attack
Anonymous
2024-08-12 05:38:50
(1 month ago)
wordpress-trap
Web App Attack
Anonymous
2024-08-09 11:34:52
(1 month ago)
wordpress-trap
Web App Attack
Anonymous
2024-08-09 05:24:13
(1 month ago)
wordpress-trap
Web App Attack
Linux-Tech
2024-08-09 03:16:17
(1 month ago)
193.37.32.164 - - [09/Aug/2024:05:16:16 +0200] "GET /wp-includes/fonts/wp-login.php HTTP/1.1" 302 138 "-" "Go-http-client/1.1"
193.37.32.164 - - [09/Aug/2024:05:16:16 +0200] "GET /wp-admin/network/wp-login.php HTTP/1.1" 302 138 "-" "Go-http-client/1.1"
Port Scan
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-08 20:57:45
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.37.32.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 16:57:38.124817 2024] [security2:error] [pid 13013:tid 13013] [client 193.37.32.164:37885] [client 193.37.32.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wildcroc.us"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "ZrUxQjROFvZgI-oIAKmgMAAAAAY"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-08 08:28:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.37.32.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 04:28:11.740035 2024] [security2:error] [pid 11048:tid 11048] [client 193.37.32.164:31915] [client 193.37.32.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.neilvboyer.com"] [uri "/wp-config.php"] [unique_id "ZrSBm-mQnATI1lae1lDJlgAAAAU"]
Brute-Force
Bad Web Bot
Web App Attack
cmbplf
2024-08-07 19:31:46
(1 month ago)
219 requests to */.well-known/pki-validation/*.php
Brute-Force
Bad Web Bot
TPI-Abuse
2024-08-07 14:54:14
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.37.32.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 07 10:53:40.030763 2024] [security2:error] [pid 19185:tid 19314] [client 193.37.32.164:3759] [client 193.37.32.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3penguinsphotography.com"] [uri "/wp-config.php"] [unique_id "ZrOKdKiZtF8PM_tmpicBYQAAAMY"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-06 09:52:03
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.37.32.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 06 05:51:56.588212 2024] [security2:error] [pid 11604:tid 11604] [client 193.37.32.164:43743] [client 193.37.32.164] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "homeland-realestate.com"] [uri "/.env.prod"] [unique_id "ZrHyPC1VqKfdv2XEDYY9EwAAAAM"]
Brute-Force
Bad Web Bot
Web App Attack
4server
2024-08-02 07:02:11
(2 months ago)
[FriAug0208:59:59.3730692024][security2:error][pid1286620:tid1286669][client193.37.32.164:0][client193.37.32.164]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"wp-content/uploads/.\*\\\\\\\\.ph\(\?:p\|tml\|t\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf\"][line\"5056\"][id\"382238\"][rev\"2\"][msg\"Atomicorp.comWAFRules-VirtualJustInTimePatch:PHPfileexecutioninuploadsdirectorydenied\"][data\"wp-content/uploads/inputs.php\"][severity\"CRITICAL\"][hostname\"feldenkraistherapy.ch\"][uri\"/wp-content/uploads/inputs.php\"][unique_id\"ZqyD79A_ZwEthIx0m9HnHgAAAEQ\"][FriAug0209:01:37.9976972024][security2:error][pid1286620:tid1286684][client193.37.32.164:0][client193.37.32.164]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\.bak\|\\\\\\\\.bak\\\\\\\\.php\)\$\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1160\"][id\"390582\"][rev\"2\"][msg\"Atomicorp.comWAFRules:AttackBlocked-Dataleakage-attempttoaccessbacku
Port Scan
Brute-Force
Web App Attack
rdpguard.com
2024-07-30 17:49:57
(2 months ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
www.Examensfragen.de
2024-07-19 23:32:52
(2 months ago)
Web Spam
Bad Web Bot
URAN Publishing Service
2024-07-17 22:27:04
(2 months ago)
193.37.32.164 - - [18/Jul/2024:01:27:03 +0300] "GET /wp-admin/includes/iR7SzrsOUEP.php HTTP/1.1" 404 439 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
193.37.32.164 - - [18/Jul/2024:01:27:03 +0300] "GET /wp-includes/ID3/class.api.php HTTP/1.1" 404 439 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
...
Web App Attack