SCHAPPY
2024-10-05 09:32:34
(1 month ago)
Web app attack detected. Host header is a numeric IP address
Web App Attack
FEWA
2024-10-05 09:24:52
(1 month ago)
Fail2Ban Ban Triggered
Hacking
Bad Web Bot
Web App Attack
spyra.rocks
2024-10-05 09:19:05
(1 month ago)
NGINX
Bad Web Bot
GAS
2024-10-05 08:07:50
(1 month ago)
54.151.116.138 - - [05/Oct/2024:10:07:48 +0200] "GET / HTTP/1.1" 404 523 "-" "Go-http-client/1.1"<br ... show more 54.151.116.138 - - [05/Oct/2024:10:07:48 +0200] "GET / HTTP/1.1" 404 523 "-" "Go-http-client/1.1"
54.151.116.138 - - [05/Oct/2024:10:07:48 +0200] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 523 "-" "Go-http-client/1.1"
... show less
Port Scan
serverobot.de
2024-10-05 08:03:13
(1 month ago)
54.151.116.138 - - [05/Oct/2024:10:03:12 +0200] "GET / HTTP/1.1" 200 393 "-" "Go-http-client/1.1"<br ... show more 54.151.116.138 - - [05/Oct/2024:10:03:12 +0200] "GET / HTTP/1.1" 200 393 "-" "Go-http-client/1.1"
... show less
Bad Web Bot
Web App Attack
Vaction
2024-10-05 08:00:55
(1 month ago)
54.151.116.138 - - [05/Oct/2024:10:00:54 +0200] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 341 ... show more 54.151.116.138 - - [05/Oct/2024:10:00:54 +0200] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 341 "-" "Go-http-client/1.1" show less
Hacking
Bad Web Bot
Web App Attack
MSZ
2024-10-05 08:00:12
(1 month ago)
Blocked by Fail2Ban (plesk-modsecurity)
Hacking
Brute-Force
Web App Attack
Anonymous
2024-10-05 07:59:26
(1 month ago)
[Sat Oct 05 00:52:13.490860 2024] [authz_core:error] [pid 3788607] [client 54.151.116.138:43244] AH0 ... show more [Sat Oct 05 00:52:13.490860 2024] [authz_core:error] [pid 3788607] [client 54.151.116.138:43244] AH01630: client denied by server configuration: /home/appowner/www/sec/
[Sat Oct 05 00:52:13.514389 2024] [authz_core:error] [pid 3788607] [client 54.151.116.138:43244] AH01630: client denied by server configuration: /home/appowner/www/sec/wp-includes
[Sat Oct 05 00:52:13.537829 2024] [authz_core:error] [pid 3788607] [client 54.151.116.138:43244] AH01630: client denied by server configuration: /home/appowner/www/sec/media
[Sat Oct 05 00:59:25.821730 2024] [authz_core:error] [pid 3788608] [client 54.151.116.138:46214] AH01630: client denied by server configuration: /home/appowner/www/sec/
[Sat Oct 05 00:59:25.845823 2024] [authz_core:error] [pid 3788608] [client 54.151.116.138:46214] AH01630: client denied by server configuration: /home/appowner/www/sec/wp-includes
... show less
Brute-Force
SSH
www.gregorymariani.com
2024-10-05 07:58:58
(1 month ago)
54.151.116.138 - - [05/Oct/2024:09:58:57 +0200] "GET / HTTP/1.1" 404 125 "-" "Go-http-client/1.1"<br ... show more 54.151.116.138 - - [05/Oct/2024:09:58:57 +0200] "GET / HTTP/1.1" 404 125 "-" "Go-http-client/1.1"
54.151.116.138 - - [05/Oct/2024:09:58:57 +0200] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 125 "-" "Go-http-client/1.1"
54.151.116.138 - - [05/Oct/2024:09:58:57 +0200] "GET /media/system/js/core.js HTTP/1.1" 404 125 "-" "Go-http-client/1.1" show less
Brute-Force
SSH
www.elivecd.org
2024-10-05 07:57:07
(1 month ago)
2024/10/05 08:57:06 [error] 2941932#2941932: *242275 FastCGI sent in stderr: "PHP message: BOT WARNI ... show more 2024/10/05 08:57:06 [error] 2941932#2941932: *242275 FastCGI sent in stderr: "PHP message: BOT WARNING: visitor used the honeypot: 54.151.116.138, you should ban it for long time (honeypot form function-abuseipdb)" while reading response header from upstream, client: 54.151.116.138, server: www.elivecd.org, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php8.2-fpm-elivewp.sock:", host: "78.141.243.157"
... show less
Web Spam
Email Spam
Carltonfsck
2024-10-05 07:56:57
(1 month ago)
54.151.116.138 - - [05/Oct/2024:06:52:22 +0000] "GET /.env HTTP/1.1" 404 49
54.151.116.138 - - ... show more 54.151.116.138 - - [05/Oct/2024:06:52:22 +0000] "GET /.env HTTP/1.1" 404 49
54.151.116.138 - - [05/Oct/2024:07:56:56 +0000] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 49
... show less
Hacking
Web App Attack
Anonymous
2024-10-05 07:56:02
(1 month ago)
[Sat Oct 05 09:56:01.424565 2024] [authz_core:error] [pid 7524] [client 54.151.116.138:43808] AH0163 ... show more [Sat Oct 05 09:56:01.424565 2024] [authz_core:error] [pid 7524] [client 54.151.116.138:43808] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Oct 05 09:56:01.580923 2024] [authz_core:error] [pid 7524] [client 54.151.116.138:43808] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Oct 05 09:56:01.737305 2024] [authz_core:error] [pid 7524] [client 54.151.116.138:43808] AH01630: client denied by server configuration: /etc/httpd/htdocs
... show less
Web App Attack
Anonymous
2024-10-05 07:56:01
(1 month ago)
Malicious activity detected
Hacking
Web App Attack
HeliJP
2024-10-05 07:55:36
(1 month ago)
2024-10-05T07:27:55Z - Recognized attacks\bad behavior from IP address 54.151.116.138 on port 443\80 ... show more 2024-10-05T07:27:55Z - Recognized attacks\bad behavior from IP address 54.151.116.138 on port 443\80 (4 daily hits): client denied by server configuration show less
Port Scan
Hacking
SQL Injection
Brute-Force
Web App Attack
MortimerCat
2024-10-05 07:53:26
(1 month ago)
Attempting to find insecure Wordpress folders
Web App Attack