debaba
2022-01-03 20:21:38
(2 years ago)
Brute-Force
Web App Attack
NyaljBe
2022-01-02 22:40:02
(2 years ago)
2.56.57.93 - - [02/Jan/2022:12:58:13 +0100] "GET /test/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 ... show more 2.56.57.93 - - [02/Jan/2022:12:58:13 +0100] "GET /test/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
2.56.57.93 - - [02/Jan/2022:12:58:13 +0100] "GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
2.56.57.93 - - [02/Jan/2022:12:58:13 +0100] "GET /shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
2.56.57.93 - - [02/Jan/2022:12:58:13 +0100] "GET /2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
2.56.57.93 - - [02/Jan/2022:12:58:13 +0100] "GET /2020/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 show less
Brute-Force
Web App Attack
DumaNet
2022-01-02 17:55:18
(2 years ago)
WordPress (CMS) attack attempts.
Date: 2022 Jan 02. 12:01:26
Source IP: 2.56.57.93<br ... show more WordPress (CMS) attack attempts.
Date: 2022 Jan 02. 12:01:26
Source IP: 2.56.57.93
Portion of the log(s):
2.56.57.93 - [02/Jan/2022:11:58:13 +0100] "GET /2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
2.56.57.93 - [02/Jan/2022:11:58:13 +0100] "GET /wp/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:13 +0100] "GET /wordpress/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:13 +0100] "GET /2020/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:13 +0100] "GET /website/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:13 +0100] "GET /web/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:13 +0100] "GET /news/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:13 +0100] "GET /wordpress/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:13 +0100] "GET /blog/wp-includes/wlwmanifest.xml show less
Web App Attack
DumaNet
2022-01-02 17:36:54
(2 years ago)
WordPress (CMS) attack attempts.
Date: 2022 Jan 02. 11:58:13
Source IP: 2.56.57.93<br ... show more WordPress (CMS) attack attempts.
Date: 2022 Jan 02. 11:58:13
Source IP: 2.56.57.93
Portion of the log(s):
2.56.57.93 - [02/Jan/2022:11:58:12 +0100] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
2.56.57.93 - [02/Jan/2022:11:58:12 +0100] "GET /wp/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:12 +0100] "GET /website/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:12 +0100] "GET /website/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:12 +0100] "GET /wordpress/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:12 +0100] "GET /wordpress/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:12 +0100] "GET /web/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:12 +0100] "GET /web/wp-includes/wlwmanifest.xml
2.56.57.93 - [02/Jan/2022:11:58:12 +0100] "GET /blog/wp-includes/wlwmanifest.xml show less
Web App Attack
kais-universum.de
2022-01-02 05:45:16
(2 years ago)
Jan 2 11:45:14 h2880623 wordpress(www.codc.eu)[19319]: XML-RPC authentication failure for kai from ... show more Jan 2 11:45:14 h2880623 wordpress(www.codc.eu)[19319]: XML-RPC authentication failure for kai from 2.56.57.93
Jan 2 11:45:14 h2880623 wordpress(www.codc.eu)[19319]: XML-RPC authentication failure for kai from 2.56.57.93
Jan 2 11:45:14 h2880623 wordpress(www.codc.eu)[19319]: XML-RPC authentication failure for kai from 2.56.57.93
Jan 2 11:45:14 h2880623 wordpress(www.codc.eu)[19319]: XML-RPC authentication failure for kai from 2.56.57.93
... show less
Brute-Force
Web App Attack
paradigma-software.de
2022-01-02 00:17:32
(2 years ago)
Jan 2 06:17:31 s15260644 wordpress(www.skpwerbung.de)[114630]: Blocked user enumeration attempt fro ... show more Jan 2 06:17:31 s15260644 wordpress(www.skpwerbung.de)[114630]: Blocked user enumeration attempt from 2.56.57.93
Jan 2 06:17:31 s15260644 wordpress(www.skpwerbung.de)[114633]: Blocked user enumeration attempt from 2.56.57.93
Jan 2 06:17:31 s15260644 wordpress(www.skpwerbung.de)[114632]: Blocked user enumeration attempt from 2.56.57.93 show less
Hacking
Web App Attack
bittiguru.fi
2022-01-01 23:31:48
(2 years ago)
2.56.57.93 - - \[02/Jan/2022:06:31:47 +0200\] "POST //xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 ... show more 2.56.57.93 - - \[02/Jan/2022:06:31:47 +0200\] "POST //xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/88.0.4240.193 Safari/537.36" "-"
2.56.57.93 - - \[02/Jan/2022:06:31:47 +0200\] "POST //xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/88.0.4240.193 Safari/537.36" "-"
... show less
Hacking
Brute-Force
Web App Attack
GFVAAServicesLtd
2022-01-01 19:55:27
(2 years ago)
2.56.57.93 - - [02/Jan/2022:00:55:26 +0000] "GET /xmlrpc.php?rsd HTTP/1.1" 401 590 "-" "Mozilla/5.0 ... show more 2.56.57.93 - - [02/Jan/2022:00:55:26 +0000] "GET /xmlrpc.php?rsd HTTP/1.1" 401 590 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
... show less
Hacking
Web App Attack
Per-Erik Runebert
2021-12-31 04:39:05
(2 years ago)
Excessive unauthorized requests
Hacking
Raist
2021-12-30 21:36:55
(2 years ago)
Auto reported : Massive generation of 404/403
Web App Attack
Nightreaver
2021-12-30 20:11:36
(2 years ago)
2.56.57.93 - - [31/Dec/2021:02:11:35 0100] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 498 "-" ... show more 2.56.57.93 - - [31/Dec/2021:02:11:35 0100] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
2.56.57.93 - - [31/Dec/2021:02:11:35 0100] "GET /xmlrpc.php?rsd HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
2.56.57.93 - - [31/Dec/2021:02:11:35 0100] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
2.56.57.93 - - [31/Dec/2021:02:11:35 0100] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
2.56.57.93 - - [31/Dec/2021:02:11:35 0100] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x[...] show less
Bad Web Bot
Web App Attack
faserx
2021-12-30 19:01:40
(2 years ago)
\[Fri Dec 31 00:01:39.459520 2021\] \[authz_core:error\] \[pid 25968\] \[client 2.56.57.93:50004\] A ... show more \[Fri Dec 31 00:01:39.459520 2021\] \[authz_core:error\] \[pid 25968\] \[client 2.56.57.93:50004\] AH01630: client denied by server configuration: /var/www3/ show less
Hacking
Web App Attack
tectus.net
2021-12-30 17:52:07
(2 years ago)
invalid username 'webmaster'
Brute-Force
Web App Attack
Sklurk
2021-12-30 15:17:04
(2 years ago)
Web App Attack
UKFast Security
2021-12-30 13:33:42
(2 years ago)
Multiple web server 500 error code (Internal Error).
Web App Attack