Anonymous
2024-11-16 23:03:52
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
VHosting
2024-11-16 08:57:24
(2 months ago)
Attempt from 52.169.71.117, reason: OverConnLimit
DDoS Attack
Bad Web Bot
Anonymous
2024-11-16 08:19:58
(2 months ago)
Scenario: crowdsecurity/http-wordpress-scan
Hacking
openstrike.co.uk
2024-11-16 06:12:41
(2 months ago)
230 attacks on PHP URLs:
GET /wp-content/plugins/index.php HTTP/1.1
Web App Attack
CryptoYakari
2024-11-16 02:54:10
(2 months ago)
[Sat Nov 16 05:54:07.343972 2024] [proxy_fcgi:error] [pid 2162614:tid 2162660] [client 52.169.71.117 ... show more [Sat Nov 16 05:54:07.343972 2024] [proxy_fcgi:error] [pid 2162614:tid 2162660] [client 52.169.71.117:0] AH01071: Got error 'Primary script unknown'
[Sat Nov 16 05:54:07.395264 2024] [proxy_fcgi:error] [pid 2162614:tid 2162646] [client 52.169.71.117:0] AH01071: Got error 'Primary script unknown'
[Sat Nov 16 05:54:08.677928 2024] [proxy_fcgi:error] [pid 2162615:tid 2162633] [client 52.169.71.117:0] AH01071: Got error 'Primary script unknown'
... show less
Web Spam
Blog Spam
Bad Web Bot
Web App Attack
LRob.fr
2024-11-15 23:00:24
(2 months ago)
Repeated attacks detected by Fail2Ban in recidive jail
Hacking
Database.red
2024-11-15 21:26:18
(2 months ago)
[2024-11-15 16:26:18] Exploit probing - /wp-content/plugins/pwnd/pwnd.php
Hacking
Brute-Force
Web App Attack
Anonymous
2024-11-15 21:04:36
(2 months ago)
wordpress-trap
Web App Attack
Anonymous
2024-11-15 19:34:00
(2 months ago)
Action: Block, Reason: DDOS attack detected
DDoS Attack
FeG Deutschland
2024-11-15 17:28:03
(2 months ago)
Looking for CMS/PHP/SQL vulnerablilities - 13
Exploited Host
Web App Attack
Ba-Yu
2024-11-15 12:26:46
(2 months ago)
WordPress hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
Anonymous
2024-11-15 10:07:15
(2 months ago)
Fail2Ban apache-noscript
Bad Web Bot
WebpodsLLC
2024-11-15 09:54:35
(2 months ago)
(mod_security) mod_security (id:14203) triggered by 52.169.71.117 (IE/Ireland/-): 3 in the last 3600 ... show more (mod_security) mod_security (id:14203) triggered by 52.169.71.117 (IE/Ireland/-): 3 in the last 3600 secs; Ports: *; Direction: 0; Trigger: LF_MODSEC; show less
Port Scan
Brute-Force
Web App Attack
sweplox.se
2024-11-15 09:26:02
(2 months ago)
52.169.71.117 - - [15/Nov/2024:09:26:01 +0000] "GET /lv.php HTTP/1.1" 301 162 "-" "-"
52.169.7 ... show more 52.169.71.117 - - [15/Nov/2024:09:26:01 +0000] "GET /lv.php HTTP/1.1" 301 162 "-" "-"
52.169.71.117 - - [15/Nov/2024:09:26:01 +0000] "GET /wp-22.php HTTP/1.1" 301 162 "-" "-"
52.169.71.117 - - [15/Nov/2024:09:26:01 +0000] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 301 162 "-" "-"
52.169.71.117 - - [15/Nov/2024:09:26:01 +0000] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/1.1" 301 162 "-" "-"
52.169.71.117 - - [15/Nov/2024:09:26:01 +0000] "GET /wp-includes/Requests/about.php HTTP/1.1" 301 162 "-" "-"
52.169.71.117 - - [15/Nov/2024:09:26:01 +0000] "GET /wp-includes/style-engine/about.php HTTP/1.1" 301 162 "-" "-"
... show less
Bad Web Bot
SSH
joetaylor.dev
2024-11-15 08:43:52
(2 months ago)
[Fri Nov 15 08:43:21.873822 2024] [authz_core:error] [pid 977270:tid 136517680891584] [client 52.169 ... show more [Fri Nov 15 08:43:21.873822 2024] [authz_core:error] [pid 977270:tid 136517680891584] [client 52.169.71.117:0] AH01630: client denied by server configuration: /var/www/vhosts/biosite.uk/httpdocs/public/images/about.php
[Fri Nov 15 08:43:25.329272 2024] [authz_core:error] [pid 977270:tid 136518253414080] [client 52.169.71.117:0] AH01630: client denied by server configuration: /var/www/vhosts/biosite.uk/httpdocs/cloud.php
[Fri Nov 15 08:43:27.915090 2024] [authz_core:error] [pid 977270:tid 136518062573248] [client 52.169.71.117:0] AH01630: client denied by server configuration: /var/www/vhosts/biosite.uk/httpdocs/avaa.php
[Fri Nov 15 08:43:28.013389 2024] [authz_core:error] [pid 977270:tid 136517850760896] [client 52.169.71.117:0] AH01630: client denied by server configuration: /var/www/vhosts/biosite.uk/httpdocs/public/images/cloud.php
[Fri Nov 15 08:43:30.569814 2024] [authz_core:error] [pid 977254:tid 136518041601728] [client 52.169.71.117:0] AH01630: client denied by server configura
... show less
Brute-Force
Web App Attack