horsemedia
2024-10-16 07:52:24
(3 months ago)
probing for exploits /wp-includes/customize/fai.php
Web App Attack
Anonymous
2024-10-16 04:28:44
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
leolemos
2024-10-15 11:14:30
(3 months ago)
[Tue Oct 15 08:14:20.854295 2024] [proxy_fcgi:error] [pid 135303:tid 266761999347904] [client 91.205 ... show more [Tue Oct 15 08:14:20.854295 2024] [proxy_fcgi:error] [pid 135303:tid 266761999347904] [client 91.205.104.203:0] AH01071: Got error 'Primary script unknown'
[Tue Oct 15 08:14:22.751248 2024] [proxy_fcgi:error] [pid 135303:tid 266762108203200] [client 91.205.104.203:0] AH01071: Got error 'Primary script unknown'
[Tue Oct 15 08:14:29.379258 2024] [proxy_fcgi:error] [pid 135303:tid 266761601347776] [client 91.205.104.203:0] AH01071: Got error 'Primary script unknown' show less
Brute-Force
Web App Attack
Epimetheus
2024-10-15 09:48:25
(3 months ago)
Unauthorized access attempts:
From:
91.205.104.203
Method:
H ... show more Unauthorized access attempts:
From:
91.205.104.203
Method:
HTTP GET
URI Path:
/plugins.php
UA:
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" show less
Web App Attack
cmbplf
2024-10-14 23:28:27
(3 months ago)
286 requests to */.well-known/acme-challenge/*.php
Brute-Force
Bad Web Bot
strefapi_com
2024-10-14 20:48:07
(3 months ago)
Brute-force web
...
Hacking
Brute-Force
Web App Attack
QT
2024-10-10 21:58:32
(3 months ago)
Website hack attempted at 2024-10-11 07:58:27 +1000
Web App Attack
Anonymous
2024-10-10 11:59:49
(3 months ago)
wordpress-trap
Web App Attack
zynex
2024-10-10 08:49:04
(3 months ago)
URL Probing: /sx.php
Web App Attack
Anonymous
2024-10-10 08:24:27
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_APACHE_403
Brute-Force
SSH
Ba-Yu
2024-10-10 02:23:43
(3 months ago)
WordPress hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
TPI-Abuse
2024-10-10 01:28:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 91.205.104.203 (vmi2018145.contaboserver.net): ... show more (mod_security) mod_security (id:210492) triggered by 91.205.104.203 (vmi2018145.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 09 21:28:00.095198 2024] [security2:error] [pid 22964:tid 22964] [client 91.205.104.203:53013] [client 91.205.104.203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eissenstat.com"] [uri "/wp-config.php"] [unique_id "ZwctoNrwLhxEm_Y3Jth74gAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-10 00:40:25
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-10-09 23:32:01
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 91.205.104.203 (vmi2018145.contaboserver.net): ... show more (mod_security) mod_security (id:210492) triggered by 91.205.104.203 (vmi2018145.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 09 19:31:56.851745 2024] [security2:error] [pid 30239:tid 30239] [client 91.205.104.203:62266] [client 91.205.104.203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teeshirthut.srtmanagementservices.com"] [uri "/wp-config.php"] [unique_id "ZwcSbP4y-srkwg8N8FZjTAAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-09 21:56:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 91.205.104.203 (vmi2018145.contaboserver.net): ... show more (mod_security) mod_security (id:210492) triggered by 91.205.104.203 (vmi2018145.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 09 17:56:03.428355 2024] [security2:error] [pid 30294:tid 30294] [client 91.205.104.203:64687] [client 91.205.104.203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jetzilla.com"] [uri "/wp-config.php"] [unique_id "Zwb787tGC-FhkgWnDV0TlQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack