FeG Deutschland
2024-10-19 06:55:01
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities - 3
Exploited Host
Web App Attack
cmbplf
2024-10-18 19:32:23
(1 month ago)
234 requests to */.well-known/acme-challenge/*.php
Brute-Force
Bad Web Bot
robotstxt
2024-10-18 16:54:55
(1 month ago)
52.169.24.106 - - [18/Oct/2024:16:54:21 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 75879 "-" "-" ... show more 52.169.24.106 - - [18/Oct/2024:16:54:21 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 75879 "-" "-"
52.169.24.106 - - [18/Oct/2024:16:54:22 +0000] "GET /cgi-bin/xmrlpc.php HTTP/1.1" 404 75879 "-" "-"
52.169.24.106 - - [18/Oct/2024:16:54:30 +0000] "GET /cgi-bin/file.php HTTP/1.1" 404 75879 "-" "-"
52.169.24.106 - - [18/Oct/2024:16:54:30 +0000] "GET /cgi-bin/404.php HTTP/1.1" 404 75879 "-" "-"
52.169.24.106 - - [18/Oct/2024:16:54:32 +0000] "GET /cgi-bin/index.php HTTP/1.1" 404 5 "-" "-"
... show less
Bad Web Bot
Rocky Mountain Bioengineering Symposium
2024-10-18 16:20:34
(1 month ago)
[Fri Oct 18 10:20:21.104415 2024] [cgid:error] [pid 16298:tid 139628598236736] [client 52.169.24.106 ... show more [Fri Oct 18 10:20:21.104415 2024] [cgid:error] [pid 16298:tid 139628598236736] [client 52.169.24.106:11547] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/plugins.php
[Fri Oct 18 10:20:22.389213 2024] [cgid:error] [pid 16298:tid 139630351459904] [client 52.169.24.106:11547] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/xmrlpc.php
[Fri Oct 18 10:20:34.642533 2024] [cgid:error] [pid 16298:tid 139630343067200] [client 52.169.24.106:11547] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/file.php
... show less
Web App Attack
robotstxt
2024-10-18 14:45:09
(1 month ago)
52.169.24.106 - - [18/Oct/2024:14:44:14 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 75879 "-" "-" ... show more 52.169.24.106 - - [18/Oct/2024:14:44:14 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 75879 "-" "-"
52.169.24.106 - - [18/Oct/2024:14:44:14 +0000] "GET /cgi-bin/xmrlpc.php HTTP/1.1" 404 75879 "-" "-"
52.169.24.106 - - [18/Oct/2024:14:44:22 +0000] "GET /cgi-bin/file.php HTTP/1.1" 404 75879 "-" "-"
52.169.24.106 - - [18/Oct/2024:14:44:23 +0000] "GET /cgi-bin/404.php HTTP/1.1" 404 75879 "-" "-"
52.169.24.106 - - [18/Oct/2024:14:44:25 +0000] "GET /cgi-bin/index.php HTTP/1.1" 404 5 "-" "-"
... show less
Bad Web Bot
robotstxt
2024-10-18 13:59:14
(1 month ago)
52.169.24.106 - - [18/Oct/2024:13:58:21 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 23818 "-" rt= ... show more 52.169.24.106 - - [18/Oct/2024:13:58:21 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 23818 "-" rt="0.193" "-" "-" h="www.pastafarismo.es" sn="www.pastafarismo.es" ru="/cgi-bin/plugins.php" u="/index.php" ucs="-" ua="unix:/var/run/php/pastafarismo82.sock" us="404" uct="0.000" urt="0.193"
52.169.24.106 - - [18/Oct/2024:13:58:23 +0000] "GET /cgi-bin/xmrlpc.php HTTP/1.1" 404 23818 "-" rt="0.216" "-" "-" h="www.pastafarismo.es" sn="www.pastafarismo.es" ru="/cgi-bin/xmrlpc.php" u="/index.php" ucs="-" ua="unix:/var/run/php/pastafarismo82.sock" us="404" uct="0.000" urt="0.217"
52.169.24.106 - - [18/Oct/2024:13:58:35 +0000] "GET /cgi-bin/file.php HTTP/1.1" 404 23818 "-" rt="0.181" "-" "-" h="www.pastafarismo.es" sn="www.pastafarismo.es" ru="/cgi-bin/file.php" u="/index.php" ucs="-" ua="unix:/var/run/php/pastafarismo82.sock" us="404" uct="0.000" urt="0.181"
... show less
Bad Web Bot
Rocky Mountain Bioengineering Symposium
2024-10-18 13:56:24
(1 month ago)
[Fri Oct 18 07:56:10.010495 2024] [cgid:error] [pid 16293:tid 139629537760832] [client 52.169.24.106 ... show more [Fri Oct 18 07:56:10.010495 2024] [cgid:error] [pid 16293:tid 139629537760832] [client 52.169.24.106:1175] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/plugins.php
[Fri Oct 18 07:56:11.264566 2024] [cgid:error] [pid 16293:tid 139629160285760] [client 52.169.24.106:1175] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/xmrlpc.php
[Fri Oct 18 07:56:24.212401 2024] [cgid:error] [pid 16293:tid 139629185463872] [client 52.169.24.106:1175] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/file.php
... show less
Web App Attack
robotstxt
2024-10-18 13:04:55
(1 month ago)
52.169.24.106 - - [18/Oct/2024:13:04:43 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 50509 "-" rt= ... show more 52.169.24.106 - - [18/Oct/2024:13:04:43 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 50509 "-" rt="0.115" "-" "-" h="www.wppodcast.es" sn="www.wppodcast.es" ru="/cgi-bin/plugins.php" u="/index.php" ucs="-" ua="unix:/var/run/php/wppodcast82.sock" us="404" uct="0.000" urt="0.115"
52.169.24.106 - - [18/Oct/2024:13:04:44 +0000] "GET /cgi-bin/xmrlpc.php HTTP/1.1" 404 50506 "-" rt="0.121" "-" "-" h="www.wppodcast.es" sn="www.wppodcast.es" ru="/cgi-bin/xmrlpc.php" u="/index.php" ucs="-" ua="unix:/var/run/php/wppodcast82.sock" us="404" uct="0.000" urt="0.121"
52.169.24.106 - - [18/Oct/2024:13:04:53 +0000] "GET /cgi-bin/file.php HTTP/1.1" 404 50500 "-" rt="0.117" "-" "-" h="www.wppodcast.es" sn="www.wppodcast.es" ru="/cgi-bin/file.php" u="/index.php" ucs="-" ua="unix:/var/run/php/wppodcast82.sock" us="404" uct="0.000" urt="0.117"
52.169.24.106 - - [18/Oct/2024:13:04:54 +0000] "GET /cgi-bin/404.php HTTP/1.1" 404 50497 "-" rt="0.114" "-" "-" h="www.wppodcast.es" sn="www.wppodcast.es" ru="/cgi-b
... show less
Bad Web Bot
MogBox
2024-10-18 11:37:27
(1 month ago)
(RSRCTROLL) Vulnerability Trolling: GET/POST /wp-includes/ID3/ 52.169.24.106 (IE/Ireland/-): 1 in th ... show more (RSRCTROLL) Vulnerability Trolling: GET/POST /wp-includes/ID3/ 52.169.24.106 (IE/Ireland/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 52.169.24.106 - - [18/Oct/2024:07:37:24 -0400] "GET /wp-includes/ID3/plugins.php HTTP/2.0" 401 53 "-" "-" show less
Hacking
robotstxt
2024-10-18 11:33:24
(1 month ago)
52.169.24.106 - - [18/Oct/2024:11:32:51 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 61513 "-" rt= ... show more 52.169.24.106 - - [18/Oct/2024:11:32:51 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 61513 "-" rt="0.182" "-" "-" h="www.durcal.net" sn="www.durcal.net" ru="/cgi-bin/plugins.php" u="/index.php" ucs="-" ua="unix:/var/run/php/durcal82.sock" us="404" uct="0.000" urt="0.182"
52.169.24.106 - - [18/Oct/2024:11:32:52 +0000] "GET /cgi-bin/xmrlpc.php HTTP/1.1" 404 61513 "-" rt="0.176" "-" "-" h="www.durcal.net" sn="www.durcal.net" ru="/cgi-bin/xmrlpc.php" u="/index.php" ucs="-" ua="unix:/var/run/php/durcal82.sock" us="404" uct="0.000" urt="0.176"
52.169.24.106 - - [18/Oct/2024:11:33:09 +0000] "GET /cgi-bin/file.php HTTP/1.1" 404 61513 "-" rt="0.205" "-" "-" h="www.durcal.net" sn="www.durcal.net" ru="/cgi-bin/file.php" u="/index.php" ucs="-" ua="unix:/var/run/php/durcal82.sock" us="404" uct="0.000" urt="0.205"
52.169.24.106 - - [18/Oct/2024:11:33:10 +0000] "GET /cgi-bin/404.php HTTP/1.1" 404 61513 "-" rt="0.195" "-" "-" h="www.durcal.net" sn="www.durcal.net" ru="/cgi-bin/404.php" u="/index.php
... show less
Bad Web Bot
Anonymous
2024-10-18 11:10:20
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_APACHE_403
Brute-Force
SSH
robotstxt
2024-10-18 10:46:54
(1 month ago)
52.169.24.106 - - [18/Oct/2024:10:45:58 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 44607 "-" rt= ... show more 52.169.24.106 - - [18/Oct/2024:10:45:58 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 44607 "-" rt="0.075" "-" "-" h="www.wpsysadmin.com" sn="www.wpsysadmin.com" ru="/cgi-bin/plugins.php" u="/index.php" ucs="-" ua="unix:/var/run/php/wpsysadmin82.sock" us="404" uct="0.000" urt="0.075"
52.169.24.106 - - [18/Oct/2024:10:45:59 +0000] "GET /cgi-bin/xmrlpc.php HTTP/1.1" 404 44607 "-" rt="0.077" "-" "-" h="www.wpsysadmin.com" sn="www.wpsysadmin.com" ru="/cgi-bin/xmrlpc.php" u="/index.php" ucs="-" ua="unix:/var/run/php/wpsysadmin82.sock" us="404" uct="0.000" urt="0.077"
52.169.24.106 - - [18/Oct/2024:10:46:12 +0000] "GET /cgi-bin/file.php HTTP/1.1" 404 44607 "-" rt="0.090" "-" "-" h="www.wpsysadmin.com" sn="www.wpsysadmin.com" ru="/cgi-bin/file.php" u="/index.php" ucs="-" ua="unix:/var/run/php/wpsysadmin82.sock" us="404" uct="0.000" urt="0.090"
52.169.24.106 - - [18/Oct/2024:10:46:12 +0000] "GET /cgi-bin/404.php HTTP/1.1" 404 44607 "-" rt="0.082" "-" "-" h="www.wpsysadmin.com" sn="www.wpsysad
... show less
Bad Web Bot
robotstxt
2024-10-18 10:25:12
(1 month ago)
52.169.24.106 - - [18/Oct/2024:10:24:36 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 18009 "-" rt= ... show more 52.169.24.106 - - [18/Oct/2024:10:24:36 +0000] "GET /cgi-bin/plugins.php HTTP/1.1" 404 18009 "-" rt="0.095" "-" "-" h="www.laarrobaesbella.com" sn="www.laarrobaesbella.com" ru="/cgi-bin/plugins.php" u="/index.php" ucs="-" ua="unix:/var/run/php/laarrobaesbella82.sock" us="404" uct="0.000" urt="0.095"
52.169.24.106 - - [18/Oct/2024:10:24:37 +0000] "GET /cgi-bin/xmrlpc.php HTTP/1.1" 404 18009 "-" rt="0.097" "-" "-" h="www.laarrobaesbella.com" sn="www.laarrobaesbella.com" ru="/cgi-bin/xmrlpc.php" u="/index.php" ucs="-" ua="unix:/var/run/php/laarrobaesbella82.sock" us="404" uct="0.000" urt="0.097"
52.169.24.106 - - [18/Oct/2024:10:24:45 +0000] "GET /cgi-bin/file.php HTTP/1.1" 404 18009 "-" rt="0.094" "-" "-" h="www.laarrobaesbella.com" sn="www.laarrobaesbella.com" ru="/cgi-bin/file.php" u="/index.php" ucs="-" ua="unix:/var/run/php/laarrobaesbella82.sock" us="404" uct="0.000" urt="0.094"
52.169.24.106 - - [18/Oct/2024:10:24:46 +0000] "GET /cgi-bin/404.php HTTP/1.1" 404 18009 "-" rt="0.112" "
... show less
Bad Web Bot
Anonymous
2024-10-18 06:42:01
(1 month ago)
wordpress-trap
Web App Attack
openstrike.co.uk
2024-10-18 05:12:59
(1 month ago)
214 attacks on PHP URLs:
GET /makeasmtp.php HTTP/1.1
Web App Attack