|
๐บ๐ธ
WeekendWeb
|
|
Wordpress Vunerability attack
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 13.213.72.182 (ec2-13-213-72-182.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210492) triggered by 13.213.72.182 (ec2-13-213-72-182.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 25 11:55:16.009852 2025] [security2:error] [pid 1964128:tid 1964128] [client 13.213.72.182:43642] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "socialstudiesforkids.com"] [uri "/wp-config.php.bak"] [unique_id "aNVl5OO01JJod44yCKmutwAAAA0"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ณ๐ฑ
ATV
|
|
Unsolicited connection attempts to ports 443, 80
|
Hacking
|
|
|
๐ฉ๐ช
Stefan Dreher
|
|
13.213.72.182 - - [06/Dec/2024:23:31:38 +0100] "GET /manifest.js HTTP/1.1" 404 125 "-" "Mozilla/5.0 ...
show more
13.213.72.182 - - [06/Dec/2024:23:31:38 +0100] "GET /manifest.js HTTP/1.1" 404 125 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
...
show less
|
Hacking
Web App Attack
|
|
|
๐ญ๐บ
HoneyPotEu
|
|
13.213.72.182 [redacted] (16509-AMAZON-02 Singapore Singapore) - - [06/Dec/2024:23:00:43 +0100] "GET ...
show more
13.213.72.182 [redacted] (16509-AMAZON-02 Singapore Singapore) - - [06/Dec/2024:23:00:43 +0100] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/600.8.9 (KHTML
...
show less
|
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
Major Hostility
|
|
"GET //.[DOMAIN]/wp-includes/js/comment-reply.min.js HTTP/1.1" 404
"GET //.[DOMAIN]/wp-content/theme ...
show more
"GET //.[DOMAIN]/wp-includes/js/comment-reply.min.js HTTP/1.1" 404
"GET //.[DOMAIN]/wp-content/themes/parallax/cyberchimps/lib/js/jquery.slimbox.min.js HTTP/1.1" 404
"GET //.[DOMAIN]/wp-includes/js/wp-embed.min.js HTTP/1.1" 404
"GET //.[DOMAIN]/wp-content/themes/parallax/inc/js/html5.js HTTP/1.1" 404
"GET //.[DOMAIN]/wp-content/themes/parallax/inc/js/theme.min.js HTTP/1.1" 404
"GET //.[DOMAIN]/wp-content/themes/parallax/cyberchimps/lib/js/core.min.js HTTP/1.1" 404
"GET //.[DOMAIN]/wp-content/themes/parallax/cyberchimps/lib/js/jquery.mobile.custom.min.js HTTP/1.1" 404
"GET //.[DOMAIN]/wp-content/themes/parallax/cyberchimps/lib/js/swipe-call.min.js HTTP/1.1" 404
"GET //.[DOMAIN]/wp-content/themes/parallax%2
show less
|
Web App Attack
|
|
|
Anonymous
|
|
Failed login attempt detected by Fail2Ban in plesk-apache-badbot jail
|
Web App Attack
|
|
|
๐ง๐ช
cmbplf
|
|
21.345 requests in 1 hour (1w21h59m)
|
Brute-Force
Bad Web Bot
|
|
|
๐ณ๐ฑ
ParaBug
|
|
13.213.72.182 - - [05/Dec/2024:07:28:21 +0100] "GET / HTTP/1.1" 301 3224 "-" "DoCoMo/2.0 N905i(c100; ...
show more
13.213.72.182 - - [05/Dec/2024:07:28:21 +0100] "GET / HTTP/1.1" 301 3224 "-" "DoCoMo/2.0 N905i(c100;TB;W24H16) (compatible; Googlebot-Mobile/2.1; http://www.google.com/bot.html)"
...
show less
|
Phishing
Brute-Force
Web App Attack
|
|
|
๐ฉ๐ช
Stefan Dreher
|
|
13.213.72.182 - - [05/Dec/2024:07:13:22 +0100] "GET /jquery-1.11.3.min.js HTTP/1.1" 404 125 "-" "msn ...
show more
13.213.72.182 - - [05/Dec/2024:07:13:22 +0100] "GET /jquery-1.11.3.min.js HTTP/1.1" 404 125 "-" "msnbot/1.1 ( http://search.msn.com/msnbot.htm)"
13.213.72.182 - - [05/Dec/2024:07:13:22 +0100] "GET /holder.min.js HTTP/1.1" 404 188 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36 OPR/28.0.1750.51"
13.213.72.182 - - [05/Dec/2024:07:13:22 +0100] "GET /ie10-viewport-bug-workaround.js HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible; Konqueror/3.5; NetBSD 4.0_RC3; X11) KHTML/3.5.7 (like Gecko)"
13.213.72.182 - - [05/Dec/2024:07:13:22 +0100] "GET //oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js HTTP/1.1" 404 188 "-" "Mozilla/5.0 (Linux; U; Android 10; Infinix X688B Build/QP1A.190711.020; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/99.0.4844.58 Mobile Safari/537.36 OPR/62.5.2254.61243"
13.213.72.182 - - [05/Dec/2024:07:13:22 +0100] "GET /bootstrap.min.js HTTP/1.1" 404 188 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit
show less
|
Hacking
Brute-Force
|
|
|
๐ฌ๐ง
rakkor
|
|
2024/12/05 06:00:14 [error] 31808#31808: *366190 open() "/usr/syno/synoman/noise/constants.js" faile ...
show more
2024/12/05 06:00:14 [error] 31808#31808: *366190 open() "/usr/syno/synoman/noise/constants.js" failed (2: No such file or directory), client: 13.213.72.182, server: audio.rakkor.uk, request: "GET /noise/constants.js HTTP/1.1", host: "audio.rakkor.uk"
2024/12/05 06:00:14 [error] 31805#31805: *366198 open() "/usr/syno/synoman/synowebapi.js/synowebapi.min.js" failed (2: No such file or directory), client: 13.213.72.182, server: audio.rakkor.uk, request: "GET /synowebapi.js/synowebapi.min.js HTTP/1.1", host: "audio.rakkor.uk"
...
show less
|
Hacking
Brute-Force
Web App Attack
|
|
|
๐จ๐ฟ
0x44
|
|
13.213.72.182 [04/Dec/2024 * Spam host detected, probing for vulnerabilities]
|
Web Spam
Exploited Host
Web App Attack
|
|
|
Anonymous
|
|
Portscan: TCP/443 (3x), TCP/80 (3x)
|
Port Scan
|
|
|
๐ณ๐ฑ
ATV
|
|
Unsolicited connection attempts to ports 443, 80
|
Hacking
|
|
|
๐ฌ๐ง
david1117
|
|
Bruteforcing Access to Web Application
|
Web App Attack
IoT Targeted
|
|