Anonymous
2024-10-08 00:19:48
(2 months ago)
Fail2Ban apache-noscript
Bad Web Bot
robotstxt
2024-10-08 00:07:19
(2 months ago)
20.37.208.254 - - [08/Oct/2024:00:05:31 +0000] "GET /cgi-bin/about.php HTTP/1.1" 404 62387 "-" rt="0 ... show more 20.37.208.254 - - [08/Oct/2024:00:05:31 +0000] "GET /cgi-bin/about.php HTTP/1.1" 404 62387 "-" rt="0.102" "-" "-" h="www.wpvulnerability.com" sn="www.wpvulnerability.com" ru="/cgi-bin/about.php" u="/index.php" ucs="-" ua="unix:/var/run/php/wpvulnerability82.sock" us="404" uct="0.000" urt="0.101"
20.37.208.254 - - [08/Oct/2024:00:05:44 +0000] "GET /cgi-bin/wp-login.php HTTP/1.1" 404 62387 "-" rt="0.123" "-" "-" h="www.wpvulnerability.com" sn="www.wpvulnerability.com" ru="/cgi-bin/wp-login.php" u="/index.php" ucs="-" ua="unix:/var/run/php/wpvulnerability82.sock" us="404" uct="0.000" urt="0.123"
20.37.208.254 - - [08/Oct/2024:00:05:31 +0000] "GET /cgi-bin/about.php HTTP/1.1" 404 62387 "-" "-" "-"
20.37.208.254 - - [08/Oct/2024:00:05:44 +0000] "GET /cgi-bin/wp-login.php HTTP/1.1" 404 62387 "-" "-" "-"
20.37.208.254 - - [08/Oct/2024:00:06:19 +0000] "GET /cgi-bin/xmrlpc.php HTTP/1.1" 404 62387 "-" rt="0.139" "-" "-" h="www.wpvulnerability.com" sn="www.wpvulnerability.com" ru="/cgi-bin/xmrlpc
... show less
Brute-Force
Web App Attack
thesimonmanuel
2024-10-07 22:28:19
(2 months ago)
20.37.208.254 - - [08/Oct/2024:03:58:17 +0530] "GET /admin/function.php HTTP/1.1" 404 146 "-" "-" "- ... show more 20.37.208.254 - - [08/Oct/2024:03:58:17 +0530] "GET /admin/function.php HTTP/1.1" 404 146 "-" "-" "-"
20.37.208.254 - - [08/Oct/2024:03:58:17 +0530] "GET /admin.php HTTP/1.1" 404 146 "-" "-" "-"
20.37.208.254 - - [08/Oct/2024:03:58:18 +0530] "GET /config.php HTTP/1.1" 404 146 "-" "-" "-"
20.37.208.254 - - [08/Oct/2024:03:58:18 +0530] "GET /about/function.php HTTP/1.1" 404 146 "-" "-" "-"
20.37.208.254 - - [08/Oct/2024:03:58:19 +0530] "GET /lock.php HTTP/1.1" 404 146 "-" "-" "-" show less
Hacking
Web App Attack
cmbplf
2024-10-07 21:30:32
(2 months ago)
209 requests to */.well-known/pki-validation/*.php
Brute-Force
Bad Web Bot
URAN Publishing Service
2024-10-07 20:27:46
(2 months ago)
20.37.208.254 - - [07/Oct/2024:23:27:45 +0300] "GET /wp-content/index.php HTTP/1.1" 404 196 "-" "-"< ... show more 20.37.208.254 - - [07/Oct/2024:23:27:45 +0300] "GET /wp-content/index.php HTTP/1.1" 404 196 "-" "-"
... show less
Web App Attack
Anonymous
2024-10-07 18:50:33
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
strefapi_com
2024-10-07 16:54:14
(2 months ago)
Brute-force web
...
Hacking
Brute-Force
Web App Attack
Anonymous
2024-10-07 16:28:45
(2 months ago)
suspicious behavior
Brute-Force
Web App Attack
rakkor
2024-10-07 15:05:59
(2 months ago)
2024/10/07 16:05:58 [error] 11848#11848: *3495678 FastCGI sent in stderr: "Primary script unknown" w ... show more 2024/10/07 16:05:58 [error] 11848#11848: *3495678 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 20.37.208.254, server: , request: "GET /admin/function.php HTTP/1.1", upstream: "fastcgi://unix:/run/php-fpm/php-925b669d-80ec-41dd-b8c8-bf5a26d831bf.sock:", host: "jksimmons.co.uk"
... show less
Hacking
Brute-Force
Anonymous
2024-10-07 14:19:47
(2 months ago)
wordpress-trap
Web App Attack
Rizzy
2024-10-07 12:50:12
(2 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
Anonymous
2024-10-07 11:12:39
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_APACHE_403
Brute-Force
SSH
paulshipley.com.au
2024-10-07 09:12:47
(2 months ago)
levellapromotions.com.au:443 20.37.208.254 - - [07/Oct/2024:20:12:32 +1100] "GET /admin/function.php ... show more levellapromotions.com.au:443 20.37.208.254 - - [07/Oct/2024:20:12:32 +1100] "GET /admin/function.php HTTP/1.1" 404 141468 "-" "-"
levellapromotions.com.au:443 20.37.208.254 - - [07/Oct/2024:20:12:33 +1100] "GET /admin.php HTTP/1.1" 404 141458 "-" "-"
levellapromotions.com.au:443 20.37.208.254 - - [07/Oct/2024:20:12:35 +1100] "GET /config.php HTTP/1.1" 404 141459 "-" "-"
levellapromotions.com.au:443 20.37.208.254 - - [07/Oct/2024:20:12:37 +1100] "GET /about/function.php HTTP/1.1" 404 141468 "-" "-"
levellapromotions.com.au:443 20.37.208.254 - - [07/Oct/2024:20:12:38 +1100] "GET /lock.php HTTP/1.1" 404 141457 "-" "-"
levellapromotions.com.au:443 20.37.208.254 - - [07/Oct/2024:20:12:40 +1100] "GET /simple.php HTTP/1.1" 404 141459 "-" "-"
levellapromotions.com.au:443 20.37.208.254 - - [07/Oct/2024:20:12:41 +1100] "GET /radio.php HTTP/1.1" 404 141458 "-" "-"
levellapromotions.com.au:443 20.37.208.254 - - [07/Oct/2024:20:12:43 +1100] "GET //wp-mail.php HTTP/1.1" 403 3218 "-" "-"
levellapromo
... show less
Web App Attack
IRISIO
2024-10-07 08:15:13
(2 months ago)
scans/SQL injection/spam posts : 1363 queries
SQL Injection
Web App Attack
SpeedIT Solutions
2024-10-07 06:15:14
(2 months ago)
(mod_security) mod_security triggered on hostname [redacted] 20.37.208.254 (AU/Australia/-): (CF_EN ... show more (mod_security) mod_security triggered on hostname [redacted] 20.37.208.254 (AU/Australia/-): (CF_ENABLE) show less
SQL Injection