evr
2024-10-22 01:45:29
(1 month ago)
[Fail2Ban]: Jail apache-noscript triggered 5 time(s) for 52.169.24.106.
[Tue Oct 22 03:45:23.5 ... show more [Fail2Ban]: Jail apache-noscript triggered 5 time(s) for 52.169.24.106.
[Tue Oct 22 03:45:23.584759 2024] [proxy_fcgi:error] [pid 108411:tid 108546] [client 52.169.24.106:0] AH01071: Got error 'Primary script unknown'
[Tue Oct 22 03:45:23.922999 2024] [proxy_fcgi:error] [pid 108411:tid 108568] [client 52.169.24.106:0] AH01071: Got error 'Primary script unknown'
[Tue Oct 22 03:45:27.449763 2024] [proxy_fcgi:error] [pid 108411:tid 108554] [client 52.169.24.106:0] AH01071: Got error 'Primary script unknown'
[Tue Oct 22 03:45:27.833964 2024] [proxy_fcgi:error] [pid 108411:tid 108548] [client 52.169.24.106:0] AH01071: Got error 'Primary script unknown'
[Tue Oct 22 03:45:28.672179 2024] [proxy_fcgi:error] [pid 108411:tid 108552] [client 52.169.24.106:0] AH01071: Got error 'Primary script unknown'
... show less
Hacking
Web App Attack
Rizzy
2024-10-22 01:13:36
(1 month ago)
Multiple WAF Violations
Brute-Force
Web App Attack
advena
2024-10-22 00:00:55
(1 month ago)
52.169.24.106 (AS8075 MICROSOFT-CORP-MSN-AS-BLOCK) was intercepted at 2024-10-21T23:49:20Z after vio ... show more 52.169.24.106 (AS8075 MICROSOFT-CORP-MSN-AS-BLOCK) was intercepted at 2024-10-21T23:49:20Z after violating WAF directive: bot_fight_mode. Pre-cautionary/corrective action applied: managed_challenge. show less
Web Spam
Hacking
Brute-Force
Web App Attack
Anonymous
2024-10-21 18:16:41
(1 month ago)
wordpress-trap
Web App Attack
selahattinalan
2024-10-21 18:01:04
(1 month ago)
[Mon Oct 21 21:01:04.533613 2024] [cgi:error] [pid 1671:tid 140572183017024] [client 52.169.24.106:1 ... show more [Mon Oct 21 21:01:04.533613 2024] [cgi:error] [pid 1671:tid 140572183017024] [client 52.169.24.106:1166] AH02811: script not found or unable to stat: /home/selahattinalan/cgi-bin/plugins.php show less
Brute-Force
leolemos
2024-10-21 17:46:49
(1 month ago)
[Mon Oct 21 14:46:34.257156 2024] [proxy_fcgi:error] [pid 1633262:tid 266762133958848] [client 52.16 ... show more [Mon Oct 21 14:46:34.257156 2024] [proxy_fcgi:error] [pid 1633262:tid 266762133958848] [client 52.169.24.106:0] AH01071: Got error 'Primary script unknown'
[Mon Oct 21 14:46:46.455057 2024] [proxy_fcgi:error] [pid 1633262:tid 266761215602880] [client 52.169.24.106:3486] AH01071: Got error 'Primary script unknown'
[Mon Oct 21 14:46:49.336951 2024] [proxy_fcgi:error] [pid 1633262:tid 266761064476864] [client 52.169.24.106:3486] AH01071: Got error 'Primary script unknown' show less
Brute-Force
Web App Attack
Anonymous
2024-10-21 17:04:10
(1 month ago)
Probing for Open Source CMS Components
Hacking
Brute-Force
rsa
2024-10-21 16:07:00
(1 month ago)
GET /wp-content/upgrade/plugins.php HTTP/1.1
GET /css/plugins.php HTTP/1.1
GET /wp-inc ... show more GET /wp-content/upgrade/plugins.php HTTP/1.1
GET /css/plugins.php HTTP/1.1
GET /wp-includes/SimplePie/plugins.php HTTP/1.1
GET /.well-known/admin.php HTTP/1.1 show less
Hacking
Brute-Force
Web App Attack
Christopher Hughes
2024-10-21 15:12:37
(1 month ago)
wp-includes scan
Web App Attack
Anonymous
2024-10-21 13:41:43
(1 month ago)
[Mon Oct 21 09:41:25.372250 2024] [authz_core:error] [pid 15685] [client 52.169.24.106:58492] AH0163 ... show more [Mon Oct 21 09:41:25.372250 2024] [authz_core:error] [pid 15685] [client 52.169.24.106:58492] AH01630: client denied by server configuration: /home/divorceforms/cgi-bin
[Mon Oct 21 09:41:26.202501 2024] [authz_core:error] [pid 14689] [client 52.169.24.106:63890] AH01630: client denied by server configuration: /home/divorceforms/cgi-bin
[Mon Oct 21 09:41:36.174468 2024] [authz_core:error] [pid 15738] [client 52.169.24.106:31338] AH01630: client denied by server configuration: /home/divorceforms/cgi-bin
[Mon Oct 21 09:41:39.318894 2024] [authz_core:error] [pid 15902] [client 52.169.24.106:64122] AH01630: client denied by server configuration: /home/divorceforms/cgi-bin
[Mon Oct 21 09:41:41.463413 2024] [authz_core:error] [pid 15738] [client 52.169.24.106:31338] AH01630: client denied by server configuration: /home/divorceforms/cgi-bin
... show less
Brute-Force
Mendip_Defender
2024-10-21 10:27:21
(1 month ago)
52.169.24.106 - - [21/Oct/2024:11:27:20 +0100] "GET /wp-includes/certificates/plugins.php HTTP/1.0" ... show more 52.169.24.106 - - [21/Oct/2024:11:27:20 +0100] "GET /wp-includes/certificates/plugins.php HTTP/1.0" 404 1731 "-" "-"
52.169.24.106 - - [21/Oct/2024:11:27:20 +0100] "GET /wp-admin/user/plugins.php HTTP/1.0" 404 1731 "-" "-"
... show less
Hacking
Web App Attack
Anonymous
2024-10-21 10:25:30
(1 month ago)
Scenario: crowdsecurity/http-admin-interface-probing
Hacking
robotstxt
2024-10-21 10:03:06
(1 month ago)
52.169.24.106 - - [21/Oct/2024:10:02:22 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 50363 "-" rt= ... show more 52.169.24.106 - - [21/Oct/2024:10:02:22 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 50363 "-" rt="0.106" "-" "-" h="www.wppodcast.org" sn="www.wppodcast.org" ru="/cgi-bin/plugins.php" u="/index.php" ucs="-" ua="unix:/var/run/php/wppodcast82.sock" us="404" uct="0.000" urt="0.106"
52.169.24.106 - - [21/Oct/2024:10:02:23 +0000] "GET /cgi-bin/xmrlpc.php HTTP/1.1" 404 50360 "-" rt="0.110" "-" "-" h="www.wppodcast.org" sn="www.wppodcast.org" ru="/cgi-bin/xmrlpc.php" u="/index.php" ucs="-" ua="unix:/var/run/php/wppodcast82.sock" us="404" uct="0.000" urt="0.110"
52.169.24.106 - - [21/Oct/2024:10:02:33 +0000] "GET /cgi-bin/file.php HTTP/1.1" 404 50354 "-" rt="0.129" "-" "-" h="www.wppodcast.org" sn="www.wppodcast.org" ru="/cgi-bin/file.php" u="/index.php" ucs="-" ua="unix:/var/run/php/wppodcast82.sock" us="404" uct="0.000" urt="0.129"
52.169.24.106 - - [21/Oct/2024:10:02:34 +0000] "GET /cgi-bin/404.php HTTP/1.1" 404 50351 "-" rt="0.116" "-" "-" h="www.wppodcast.org" sn="www.wppodcast.org" ru
... show less
Bad Web Bot
Anonymous
2024-10-21 09:11:30
(1 month ago)
wordpress-trap
Web App Attack
poledancefamily.be
2024-10-21 03:17:49
(1 month ago)
[Drupal AbuseIPDB module] Request path is blacklisted. /wp-admin/user/plugins.php
Web App Attack