MAGIC
2024-10-10 15:03:31
(1 day ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-10-07 05:03:50
(4 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-10-07 04:43:04
(4 days ago)
Malicious activity detected
Hacking
Web App Attack
Ivo Vynckier
2024-10-06 10:08:00
(5 days ago)
105.235.220.151 - - [06/Oct/2024:01:54:09 +0200] "GET /wp-login.php HTTP/1.1" 404 27 "-" "Mozilla/5. ... show more 105.235.220.151 - - [06/Oct/2024:01:54:09 +0200] "GET /wp-login.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
105.235.220.151 - - [06/Oct/2024:01:54:09 +0200] "GET /xmlrpc.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" show less
Web App Attack
Sklurk
2024-09-25 06:32:16
(2 weeks ago)
Web App Attack
Web App Attack
MAGIC
2024-09-17 11:02:51
(3 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-09-16 09:47:36
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 105.235.220.151 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 105.235.220.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 16 05:47:30.905655 2024] [security2:error] [pid 18981:tid 18981] [client 105.235.220.151:57699] [client 105.235.220.151] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nwtree.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nwtree.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zuf-sk3MjXeQPNkc8vgHTgAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TheMadBeaker
2024-09-14 06:45:00
(3 weeks ago)
Fail2Ban Ban Triggered
Wordpress Attack Attempt
Brute-Force
Web App Attack
URAN Publishing Service
2024-09-10 13:24:34
(1 month ago)
105.235.220.151 - - [10/Sep/2024:16:24:28 +0300] "GET /wp-login.php HTTP/1.1" 404 2622 "-" "Mozilla/ ... show more 105.235.220.151 - - [10/Sep/2024:16:24:28 +0300] "GET /wp-login.php HTTP/1.1" 404 2622 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
105.235.220.151 - - [10/Sep/2024:16:24:29 +0300] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
... show less
Web App Attack
Anonymous
2024-08-22 06:35:08
(1 month ago)
Trawling for Open Source CMS installs
Hacking
Brute-Force
TPI-Abuse
2024-08-20 12:02:27
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 105.235.220.151 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 105.235.220.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 20 08:02:20.593035 2024] [security2:error] [pid 10734:tid 10734] [client 105.235.220.151:62116] [client 105.235.220.151] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||salernospizza.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "salernospizza.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZsSFzCw23Pwh97SrIfCeewAAABk"] show less
Brute-Force
Bad Web Bot
Web App Attack
axllent
2024-08-15 09:19:18
(1 month ago)
Wordpress login scanning
Brute-Force
Web App Attack
TPI-Abuse
2024-08-02 10:11:28
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 105.235.220.151 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 105.235.220.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 02 06:11:20.243250 2024] [security2:error] [pid 23857:tid 23857] [client 105.235.220.151:62002] [client 105.235.220.151] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||procigar.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "procigar.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZqywyLMFujCPZ-OSERrxUwAAABk"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-07-26 12:02:10
(2 months ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
axllent
2024-07-22 14:09:21
(2 months ago)
Wordpress login scanning
Brute-Force
Web App Attack