Anonymous
2024-12-03 18:46:52
(3 days ago)
marleenrecords.breidenba.ch 139.59.237.106 [03/Dec/2024:18:42:31 +0100] "POST /xmlrpc.php HTTP/1.1" ... show more marleenrecords.breidenba.ch 139.59.237.106 [03/Dec/2024:18:42:31 +0100] "POST /xmlrpc.php HTTP/1.1" 200 4451 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.10) Gecko/20050716 Firefox/1.0.6"
praxis-sadet.at 139.59.237.106 [03/Dec/2024:19:46:47 +0100] "POST /xmlrpc.php HTTP/1.1" 200 4443 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"
praxis-sadet.at 139.59.237.106 [03/Dec/2024:19:46:52 +0100] "POST /xmlrpc.php HTTP/1.1" 200 4443 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" show less
Web App Attack
F242
2024-12-03 10:25:10
(3 days ago)
Wordpress soft lock
Web App Attack
karger
2024-12-03 07:22:04
(4 days ago)
Wordpress attack - soft filter
Brute-Force
Web App Attack
Jim Keir
2024-12-03 06:20:10
(4 days ago)
2024-12-03 06:20:10 139.59.237.106 File scanning, blocking 139.59.237.106 for 5 minutes
Web App Attack
KIsmay
2024-12-03 01:06:08
(4 days ago)
Dec 2 17:27:11 www4 WPAudit[3860510]: 139.59.237.106 hvrhaulers.com "Mozilla/5.0 (Windows NT 10.0; ... show more Dec 2 17:27:11 www4 WPAudit[3860510]: 139.59.237.106 hvrhaulers.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" admin:hvrhaulers.com FAIL
Dec 2 17:35:20 www4 WPAudit[3861240]: 139.59.237.106 hvrhaulers.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" sbd-admin:test@123 FAIL
Dec 2 18:11:37 www4 WPAudit[3861880]: 139.59.237.106 hvrhaulers.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" sbd-admin:sbd-admin54321 FAIL
Dec 2 19:37:28 www4 WPAudit[3866421]: 139.59.237.106 www.servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" Admin:admin@123 FAIL
Dec 2 20:06:07 www4 WPAudit[3869024]: 139.59.237.106 www.servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/1
... show less
Brute-Force
Web App Attack
LRob.fr
2024-12-02 23:00:47
(4 days ago)
Repeated attacks detected by Fail2Ban in recidive jail
Hacking
Jim Keir
2024-12-02 21:01:03
(4 days ago)
2024-12-02 21:01:02 139.59.237.106 File scanning, blocking 139.59.237.106 for 5 minutes
Web App Attack
georgengelmann
2024-12-02 20:48:07
(4 days ago)
Failed login attempt for admin
Brute-Force
Web App Attack
Sysadmin Peter
2024-12-02 20:25:04
(4 days ago)
139.59.237.106 - - [02/Dec/2024:21:20:35 +0100] "POST /wp-login.php HTTP/2.0" 200 2975 "https://ja-s ... show more 139.59.237.106 - - [02/Dec/2024:21:20:35 +0100] "POST /wp-login.php HTTP/2.0" 200 2975 "https://ja-solar.nz/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
139.59.237.106 - - [02/Dec/2024:21:25:03 +0100] "POST /wp-login.php HTTP/2.0" 200 3028 "https://ja-solar.nz/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
... show less
Brute-Force
Web App Attack
Anonymous
2024-12-02 20:10:00
(4 days ago)
Malicious activity detected
Hacking
Brute-Force
rsiddall
2024-12-02 19:07:53
(4 days ago)
139.59.237.106 - - [02/Dec/2024:14:07:23 -0500] "POST /xmlrpc.php HTTP/1.1" 404 - "-" "Mozilla/5.0 ( ... show more 139.59.237.106 - - [02/Dec/2024:14:07:23 -0500] "POST /xmlrpc.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
139.59.237.106 - - [02/Dec/2024:14:07:52 -0500] "POST /xmlrpc.php HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
... show less
Brute-Force
Jim Keir
2024-12-02 18:07:17
(4 days ago)
2024-12-02 18:07:16 139.59.237.106 File scanning, blocking 139.59.237.106 for 5 minutes
Web App Attack
Anonymous
2024-12-02 16:06:14
(4 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
nationaleventpros.com
2024-12-02 13:39:17
(4 days ago)
WordPress login attempt
Brute-Force
mawan
2024-12-02 13:12:11
(4 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack