MAGIC
2024-01-18 10:04:54
(10 months ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
niceshops.com
2024-01-06 07:31:00
(10 months ago)
Web Attack ([06/Jan/2024:08:30:58.558] GET /wp-login.php)
Web App Attack
niceshops.com
2024-01-02 23:35:32
(10 months ago)
Web Attack ([03/Jan/2024:00:35:31.013] GET /wp-login.php)
Web App Attack
niceshops.com
2024-01-01 14:10:27
(11 months ago)
Web Attack ([01/Jan/2024:15:10:26.042] GET /wp-login.php)
Web App Attack
TPI-Abuse
2023-12-31 14:32:42
(11 months ago)
(mod_security) mod_security (id:225170) triggered by 117.215.134.52 (static.ftth.gtr.117.215.134.52. ... show more (mod_security) mod_security (id:225170) triggered by 117.215.134.52 (static.ftth.gtr.117.215.134.52.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 31 09:32:35.983386 2023] [security2:error] [pid 30822] [client 117.215.134.52:60015] [client 117.215.134.52] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nwtree.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nwtree.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZZF7g0QkNL4KhsWUcaY-UQAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2023-12-30 13:35:52
(11 months ago)
(mod_security) mod_security (id:225170) triggered by 117.215.134.52 (static.bb.gtr.117.215.134.52.bs ... show more (mod_security) mod_security (id:225170) triggered by 117.215.134.52 (static.bb.gtr.117.215.134.52.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 30 08:35:46.795864 2023] [security2:error] [pid 11783] [client 117.215.134.52:63319] [client 117.215.134.52] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.pazzidipizza.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.pazzidipizza.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZZAcssKG0rtTMeoNyDJp3AAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
CrystalMaker
2023-12-29 12:59:36
(11 months ago)
Wordpress attack - GET /wp-login.php; GET /xmlrpc.php; GET /wp-login.php; GET /xmlrpc.php
Web App Attack
URAN Publishing Service
2023-12-29 06:55:20
(11 months ago)
117.215.134.52 - - [29/Dec/2023:08:55:18 +0200] "GET /wp-login.php HTTP/1.1" 404 4782 "-" "Mozilla/5 ... show more 117.215.134.52 - - [29/Dec/2023:08:55:18 +0200] "GET /wp-login.php HTTP/1.1" 404 4782 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
117.215.134.52 - - [29/Dec/2023:08:55:19 +0200] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
... show less
Web App Attack
Hirte
2023-12-23 14:16:38
(11 months ago)
ABV: Web Attack GET /wp-login.php
Web Spam
Hacking
Bad Web Bot
Web App Attack
MAGIC
2023-12-19 10:02:37
(11 months ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
URAN Publishing Service
2023-12-18 15:07:05
(11 months ago)
117.215.134.52 - - [18/Dec/2023:17:07:02 +0200] "GET /wp-login.php HTTP/1.1" 404 4782 "-" "Mozilla/5 ... show more 117.215.134.52 - - [18/Dec/2023:17:07:02 +0200] "GET /wp-login.php HTTP/1.1" 404 4782 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
117.215.134.52 - - [18/Dec/2023:17:07:03 +0200] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
... show less
Web App Attack
Anonymous
2023-12-18 11:19:00
(11 months ago)
"Illegal file type"
Brute-Force
niceshops.com
2023-12-14 06:44:15
(11 months ago)
Web Attack ([14/Dec/2023:07:44:14.670] GET /wp-login.php)
Web App Attack
niceshops.com
2023-12-13 06:48:07
(11 months ago)
Web Attack ([13/Dec/2023:07:48:05.914] GET /wp-login.php)
Web App Attack
Steve
2023-12-13 05:27:28
(11 months ago)
Attempts against non-existent wordpress site
Brute-Force
Web App Attack