Anonymous
2024-08-16 04:36:43
(3 weeks ago)
wordpress-trap
Web App Attack
Anonymous
2024-08-15 07:25:18
(3 weeks ago)
wordpress-trap
Web App Attack
Francio
2024-08-11 17:06:14
(4 weeks ago)
abuser
Brute-Force
Anonymous
2024-08-11 10:52:35
(4 weeks ago)
wordpress-trap
Web App Attack
expandmade.com
2024-08-07 03:03:02
(1 month ago)
trolling for installation vulnerabilities [07/Aug/2024:03:03:02 "GET /wp-content/uploads/small.php"]
Web App Attack
TPI-Abuse
2024-08-06 17:41:22
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.37.32.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 06 13:41:16.571980 2024] [security2:error] [pid 17577:tid 17577] [client 193.37.32.90:30829] [client 193.37.32.90] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "circleofsound.org"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "ZrJgPDoSraSDMfUCme3MyQAAAAk"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-03 09:17:58
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.37.32.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 03 05:17:53.627289 2024] [security2:error] [pid 19578:tid 19578] [client 193.37.32.90:21247] [client 193.37.32.90] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wailthelifeofbudpowell.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "Zq31we4k27yGVlmcE3n9_wAAAAY"]
Brute-Force
Bad Web Bot
Web App Attack
uhlhosting
2024-08-02 09:56:56
(1 month ago)
idleslidegloves.com 193.37.32.90 - - [02/Aug/2024:11:56:53.409135 +0200] "GET /.well-known/pki-validation/install.php HTTP/1.1" 403 199 "-" "-" ZqytZYC3hW5fMh1ra7X_3AAAAQc "-" /apache/20240802/20240802-1156/20240802-115653-ZqytZYC3hW5fMh1ra7X_3AAAAQc 0 1100 md5:b2bd4b3b54b2eb8567cb309c4b12a210
idleslidegloves.com 193.37.32.90 - - [02/Aug/2024:11:56:55.324579 +0200] "GET /wp-includes/pomo/pomo.php HTTP/1.1" 403 199 "-" "-" ZqytZ4C3hW5fMh1ra7X_3wAAAQY "-" /apache/20240802/20240802-1156/20240802-115655-ZqytZ4C3hW5fMh1ra7X_3wAAAQY 0 1119 md5:b29071c95611b743d4be85c26fbe6bb8
idleslidegloves.com 193.37.32.90 - - [02/Aug/2024:11:56:55.489158 +0200] "GET /.well-known/about.php HTTP/1.1" 403 199 "-" "-" ZqytZ4C3hW5fMh1ra7X_4AAAAQE "-" /apache/20240802/20240802-1156/20240802-115655-ZqytZ4C3hW5fMh1ra7X_4AAAAQE 0 1083 md5:a468f1e7ec02e911c7c461f8929cc4c9
idleslidegloves.com 193.37.32.90 - - [02/Aug/2024:11:56:55.657486 +0200] "GET /wp-includes/IXR/themes.php HTTP/1.1" 403 199 "-" "-" ZqytZ4C3hW
...
DDoS Attack
Brute-Force
TPI-Abuse
2024-08-01 09:28:08
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.37.32.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 01 05:28:03.499813 2024] [security2:error] [pid 5917:tid 5917] [client 193.37.32.90:48665] [client 193.37.32.90] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thebradleyclinic.com"] [uri "/admin/.env-prod"] [unique_id "ZqtVI_lfxw8Eg8nA_EB2qQAAABM"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-01 00:44:49
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-07-24 08:16:16
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 193.37.32.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 24 04:16:10.412160 2024] [security2:error] [pid 21703:tid 21703] [client 193.37.32.90:21543] [client 193.37.32.90] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.anthraxbook.banis-associates.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.anthraxbook.banis-associates.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "ZqC4SvlTCUpHmr7jvHR5QAAAABY"]
Brute-Force
Bad Web Bot
Web App Attack
taivas.nl
2024-07-19 04:32:26
(1 month ago)
Many_bad_calls
Web App Attack
taivas.nl
2024-07-18 14:02:04
(1 month ago)
Wordpress_Attack
Web App Attack
TPI-Abuse
2024-07-14 02:13:59
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.37.32.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 13 22:13:54.528908 2024] [security2:error] [pid 22824] [client 193.37.32.90:14945] [client 193.37.32.90] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "travelto.info"] [uri "/wp-config.php"] [unique_id "ZpM0YszuiBEytY4bjv3zJgAAAAg"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-12 13:02:26
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 193.37.32.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 12 09:02:21.733498 2024] [security2:error] [pid 7461] [client 193.37.32.90:40789] [client 193.37.32.90] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.chilako.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.chilako.com"] [uri "/settings.php.bak"] [unique_id "ZpEpXSk85wzns-VewyXo7gAAAAc"]
Brute-Force
Bad Web Bot
Web App Attack