MAGIC
2024-08-29 14:04:16
(2 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
conseilgouz
2024-08-26 23:42:13
(2 weeks ago)
sie-6 : Trying access system files=>/wp-login.php(wp-login.php)
Hacking
URAN Publishing Service
2024-08-26 23:02:48
(2 weeks ago)
106.58.220.64 - - [27/Aug/2024:02:02:45 +0300] "GET /wp-login.php HTTP/1.1" 404 277 "-" "Apache-Http ... show more 106.58.220.64 - - [27/Aug/2024:02:02:45 +0300] "GET /wp-login.php HTTP/1.1" 404 277 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_161)"
106.58.220.64 - - [27/Aug/2024:02:02:47 +0300] "GET /wp-login.php HTTP/1.1" 404 276 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_161)"
... show less
Web App Attack
rtbh.com.tr
2024-08-25 20:55:17
(2 weeks ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
Anonymous
2024-08-24 13:49:36
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
WeekendWeb
2024-08-21 17:55:07
(3 weeks ago)
Wordpress Vunerability attack
Web App Attack
stinpriza
2024-08-21 11:02:52
(3 weeks ago)
WP Authentication attempt for unknown user
Brute-Force
Web App Attack
Dadelinux
2024-08-20 17:11:49
(3 weeks ago)
106.58.220.64 - - [20/Aug/2024:19:04:39 +0200] "GET /wp-login.php HTTP/1.1" 301 697 "-" "Apache-Http ... show more 106.58.220.64 - - [20/Aug/2024:19:04:39 +0200] "GET /wp-login.php HTTP/1.1" 301 697 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_161)"
106.58.220.64 - - [20/Aug/2024:19:05:01 +0200] "GET /wp-login.php HTTP/1.1" 200 7090 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_161)"
106.58.220.64 - - [20/Aug/2024:19:11:48 +0200] "GET /xmlrpc.php HTTP/1.1" 301 693 "-" "Apache-HttpClient/4.5.2 (Java/1.8.0_161)" show less
SQL Injection
Web App Attack
MAGIC
2024-08-20 06:07:47
(3 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Dolphi
2024-08-19 05:10:02
(3 weeks ago)
Excessive POST /xmlrpc.php requests
Brute-Force
Web App Attack
MAGIC
2024-08-18 18:09:10
(3 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-08-15 23:02:40
(4 weeks ago)
(mod_security) mod_security (id:240335) triggered by 106.58.220.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 106.58.220.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 15 19:02:28.192660 2024] [security2:error] [pid 10552:tid 10552] [client 106.58.220.64:59581] [client 106.58.220.64] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.58.220.64 (+1 hits since last alert)|neconebooks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "neconebooks.com"] [uri "/xmlrpc.php"] [unique_id "Zr6JBH4nag8Pi4fW_MnTZwAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
rh24
2024-08-15 23:02:13
(4 weeks ago)
(wordpress-user-enum) Failed wordpress-user-enum trigger from 106.58.220.64 (CN/China/-): (CF_ENABL ... show more (wordpress-user-enum) Failed wordpress-user-enum trigger from 106.58.220.64 (CN/China/-): (CF_ENABLE) show less
Brute-Force
TPI-Abuse
2024-08-13 17:20:02
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 106.58.220.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 106.58.220.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 13 13:19:52.236553 2024] [security2:error] [pid 24505:tid 24505] [client 106.58.220.64:56553] [client 106.58.220.64] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.58.220.64 (+1 hits since last alert)|www.penguinexpressmag.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.penguinexpressmag.com"] [uri "/xmlrpc.php"] [unique_id "ZruVuH-q_gagMwNEkrg0bQAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-12 17:59:26
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 106.58.220.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 106.58.220.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 12 13:59:15.655905 2024] [security2:error] [pid 18577:tid 18577] [client 106.58.220.64:61601] [client 106.58.220.64] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.58.220.64 (+1 hits since last alert)|www.suntanner.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.suntanner.net"] [uri "/xmlrpc.php"] [unique_id "ZrpNcyMyhcMtl9GoAjgMawAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack