URAN Publishing Service
2025-01-23 10:57:15
(3 weeks ago)
51.222.12.40 - - [23/Jan/2025:12:57:09 +0200] "GET /wp-content/plugins/infusionsoft/readme.txt HTTP/ ... show more 51.222.12.40 - - [23/Jan/2025:12:57:09 +0200] "GET /wp-content/plugins/infusionsoft/readme.txt HTTP/1.1" 404 2814 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.3 Safari/605.1.15"
51.222.12.40 - - [23/Jan/2025:12:57:10 +0200] "GET /wp-content/plugins/wp-symposium/readme.txt HTTP/1.1" 404 2815 "-" "Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
... show less
Web App Attack
oncord
2025-01-23 02:44:00
(3 weeks ago)
Form spam
Web Spam
strzonnek
2025-01-22 22:03:29
(3 weeks ago)
attack on webform
Brute-Force
Web App Attack
TPI-Abuse
2025-01-22 18:32:30
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 51.222.12.40 (vps-feaf4783.vps.ovh.ca): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 51.222.12.40 (vps-feaf4783.vps.ovh.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 22 13:32:27.038520 2025] [security2:error] [pid 2354725:tid 2354725] [client 51.222.12.40:58830] [client 51.222.12.40] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "velocitymech.com"] [uri "/wp-config.php.maj"] [unique_id "Z5E5uwQmf4XTPiZb5hHGEQAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
strzonnek
2025-01-21 20:34:06
(3 weeks ago)
attack on webform
Brute-Force
Web App Attack
Anonymous
2025-01-21 17:22:22
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
mnsf
2025-01-21 16:09:22
(3 weeks ago)
Too many Status 40X (13)
Brute-Force
Web App Attack
Anonymous
2025-01-21 07:36:49
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_MODSEC
Brute-Force
SSH
ozisp.com.au
2025-01-21 07:18:27
(3 weeks ago)
GB__<33>1737443905 [1:2522089:5772] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group ... show more GB__<33>1737443905 [1:2522089:5772] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 51.222.12.40:47318 show less
Open Proxy
strzonnek
2025-01-20 20:21:44
(3 weeks ago)
attack on webform
Brute-Force
Web App Attack
TPI-Abuse
2025-01-20 08:37:56
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 51.222.12.40 (vps-feaf4783.vps.ovh.ca): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 51.222.12.40 (vps-feaf4783.vps.ovh.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 20 03:37:51.629670 2025] [security2:error] [pid 30623:tid 30623] [client 51.222.12.40:58538] [client 51.222.12.40] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "losbarbarosdelnorte.com"] [uri "/wp-config.php.CloudTech_bak"] [unique_id "Z44LXzjmf2bQtAbxOnWSUwAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-20 04:21:38
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2025-01-19 21:28:17
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 51.222.12.40 (vps-feaf4783.vps.ovh.ca): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 51.222.12.40 (vps-feaf4783.vps.ovh.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 19 16:28:11.681716 2025] [security2:error] [pid 817303:tid 817303] [client 51.222.12.40:48842] [client 51.222.12.40] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bb103.us"] [uri "/wp-config.php__bak"] [unique_id "Z41ua2gziQmszOGSdTPaxwAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-19 18:07:04
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 51.222.12.40 (vps-feaf4783.vps.ovh.ca): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 51.222.12.40 (vps-feaf4783.vps.ovh.ca): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 19 13:07:00.203800 2025] [security2:error] [pid 24155:tid 24155] [client 51.222.12.40:51890] [client 51.222.12.40] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teenybikinigirls.com"] [uri "/wp-config.php.maj"] [unique_id "Z40_RAXVtDEFbx2qEMG7oQAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
strzonnek
2025-01-19 01:13:37
(4 weeks ago)
attack on webform
Brute-Force
Web App Attack