Anonymous
2026-06-02 09:24:54
(1 month ago)
FortiWeb WAF: 12 attacks detected. Threat Score: 8400. Types: Client Management(6), Block IP List(6) ...
show more
FortiWeb WAF: 12 attacks detected. Threat Score: 8400. Types: Client Management(6), Block IP List(6). Origin: France.
show less
Web App Attack
๐ฌ๐ง
Oakley
2026-06-01 09:53:23
(1 month ago)
(mod_security) mod_security (id:900191) triggered by 13.39.160.23 (FR/France/ec2-13-39-160-23.eu-wes ...
show more
(mod_security) mod_security (id:900191) triggered by 13.39.160.23 (FR/France/ec2-13-39-160-23.eu-west-3.compute.amazonaws.com): 5 in the last 900 secs
show less
Web App Attack
Hacking
Anonymous
2026-06-01 09:53:15
(1 month ago)
13.39.160.23 - - [01/Jun/2026:11:53:11 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 439 " ...
show more
13.39.160.23 - - [01/Jun/2026:11:53:11 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 439 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
13.39.160.23 - - [01/Jun/2026:11:53:11 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 290 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
13.39.160.23 - - [01/Jun/2026:11:53:12 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 290 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
13.39.160.23 - - [01/Jun/2026:11:53:12 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 439 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
13.39.160.23 - - [01/Jun/2026:11:53:14 +0200] "POST //xmlrpc.php HTTP/1.1" 200 3482 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (K
...
show less
Brute-Force
Web App Attack
Anonymous
2026-06-01 07:29:01
(1 month ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=17
Hacking
Anonymous
2026-05-31 17:03:12
(1 month ago)
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: FR, Attack patterns: Word ...
show more
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: FR, Attack patterns: WordPress scanning, Malicious User-Agent
show less
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-05-31 14:16:07
(1 month ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 13.39.160.23 (FR/France/ec2-13-39-1 ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 13.39.160.23 (FR/France/ec2-13-39-160-23.eu-west-3.compute.amazonaws.com): 2 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-31 09:16:14
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 13.39.160.23 (ec2-13-39-160-23.eu-west-3.comput ...
show more
(mod_security) mod_security (id:225170) triggered by 13.39.160.23 (ec2-13-39-160-23.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 05:16:10.982600 2026] [security2:error] [pid 19466:tid 19466] [client 13.39.160.23:50436] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.fredlandia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fredlandia.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ahv8WsS1S1qIFyHcH1bKhQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Apache
2026-05-31 09:12:34
(1 month ago)
(mod_security) mod_security (id:210410) triggered by 13.39.160.23 (FR/France/ec2-13-39-160-23.eu-wes ...
show more
(mod_security) mod_security (id:210410) triggered by 13.39.160.23 (FR/France/ec2-13-39-160-23.eu-west-3.compute.amazonaws.com): 5 in the last 300 secs (CF_ENABLE)
show less
Brute-Force
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-05-31 05:51:43
(1 month ago)
Try to access /xmlrpc.php?rsd
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-05-31 04:44:53
(1 month ago)
13.39.160.23 - - [31/May/2026:07:44:53 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 683 "-" "Mozilla/5. ...
show more
13.39.160.23 - - [31/May/2026:07:44:53 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
...
show less
Web App Attack
๐ท๐ด
INTEQ
2026-05-31 02:11:50
(1 month ago)
Web attack from 13.39.160.23
Web App Attack
๐ซ๐ท
โจ
2026-05-31 01:13:21
(1 month ago)
Rule : WEB
2026-05-31 01:11:12 13.39.160.23 49784 ***hidden-privacy*** 80 - - - - - 400 - BadRequest ...
show more
Rule : WEB
2026-05-31 01:11:12 13.39.160.23 49784 ***hidden-privacy*** 80 - - - - - 400 - BadRequest - TCP
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-31 00:46:59
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 13.39.160.23 (ec2-13-39-160-23.eu-west-3.comput ...
show more
(mod_security) mod_security (id:225170) triggered by 13.39.160.23 (ec2-13-39-160-23.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 20:46:56.352904 2026] [security2:error] [pid 20380:tid 20380] [client 13.39.160.23:56127] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||papelandia.com.ve|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "papelandia.com.ve"] [uri "/wp-json/wp/v2/users/"] [unique_id "ahuFAJgh4CjcJHNejjLNdgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-31 00:24:57
(1 month ago)
13.39.160.23 - - [31/May/2026:02:24:56 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 441 "- ...
show more
13.39.160.23 - - [31/May/2026:02:24:56 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
13.39.160.23 - - [31/May/2026:02:24:56 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 292 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
13.39.160.23 - - [31/May/2026:02:24:57 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
13.39.160.23 - - [31/May/2026:02:24:57 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 292 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
13.39.160.23 - - [31/May/2026:02:24:57 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 441 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x6
...
show less
Brute-Force
Web App Attack
๐ณ๐ฑ
Roderic
2026-05-31 00:24:16
(1 month ago)
(wordpress-404) Searching for non-existent wordpress installs from 13.39.160.23 (FR/France/Paris Dep ...
show more
(wordpress-404) Searching for non-existent wordpress installs from 13.39.160.23 (FR/France/Paris Department/Paris/ec2-13-39-160-23.eu-west-3.compute.amazonaws.com/[redacted])
show less
Brute-Force