octageeks.com
2024-08-18 04:06:58
(4 weeks ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack
octageeks.com
2024-08-16 04:07:25
(1 month ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack
nv
2024-08-14 15:07:52
(1 month ago)
139.59.19.90 - - [14/Aug/2024:17:07:47 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/2.0" 301 0 "-" ... show more 139.59.19.90 - - [14/Aug/2024:17:07:47 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/2.0" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" show less
Web App Attack
octageeks.com
2024-08-14 04:06:54
(1 month ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack
sverson
2024-08-13 14:47:59
(1 month ago)
Automated report / Wordpress Attack Attempt
Hacking
Web App Attack
noise.agency
2024-08-13 09:36:13
(1 month ago)
(wordpress) Failed wordpress login from 139.59.19.90 (IN/India/-)
Brute-Force
el-brujo
2024-08-13 08:34:09
(1 month ago)
Cloudflare WAF: Request Path: //xmlrpc.php Request Query: ?rsd Host: forum.elhacker.net userAgent: M ... show more Cloudflare WAF: Request Path: //xmlrpc.php Request Query: ?rsd Host: forum.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Action: managed_challenge Source: firewallManaged ASN Description: DIGITALOCEAN-ASN Country: IN Method: GET Timestamp: 2024-08-13T08:34:09Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less
Hacking
SQL Injection
Web App Attack
Anonymous
2024-08-13 08:03:25
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-08-13 06:45:04
(1 month ago)
(wordpress) Failed wordpress login from 139.59.19.90 (IN/India/-)
Brute-Force
TPI-Abuse
2024-08-12 20:52:12
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 139.59.19.90 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 139.59.19.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 12 16:52:08.847645 2024] [security2:error] [pid 5994:tid 5994] [client 139.59.19.90:61314] [client 139.59.19.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.konahawaii.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.konahawaii.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Zrp1-Iq2OEZxwFvhSPaB-QAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-12 20:12:34
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 139.59.19.90 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 139.59.19.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 12 16:12:29.555905 2024] [security2:error] [pid 22056:tid 22121] [client 139.59.19.90:57099] [client 139.59.19.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.munatseng.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.munatseng.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZrpsrZRsQd9Xn57loQB6JQAAAUI"] show less
Brute-Force
Bad Web Bot
Web App Attack
corthorn
2024-08-12 19:28:37
(1 month ago)
139.59.19.90 - - [12/Aug/2024:21:28:36 +0200] "POST //xmlrpc.php HTTP/1.1" 403 421 "-" "Mozilla/5.0 ... show more 139.59.19.90 - - [12/Aug/2024:21:28:36 +0200] "POST //xmlrpc.php HTTP/1.1" 403 421 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
... show less
Brute-Force
TPI-Abuse
2024-08-12 18:53:41
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 139.59.19.90 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 139.59.19.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 12 14:53:34.955642 2024] [security2:error] [pid 17428:tid 17428] [client 139.59.19.90:54697] [client 139.59.19.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nursetammytalks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nursetammytalks.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZrpaLjrT55QD9i1k5Za6vgAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
mondor.ro
2024-08-12 18:42:20
(1 month ago)
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 139.59.19.90, Reason:[ ... show more Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 139.59.19.90, Reason:[(manifest) WordPress wlwmanifest.xml Attack 139.59.19.90 (IN/India/-): 10 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs: show less
Port Scan
MAGIC
2024-08-12 18:00:09
(1 month ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot