exxos
2025-01-25 05:29:36
(2 weeks ago)
http-no-verb
Hacking
polycoda
2025-01-22 11:34:18
(2 weeks ago)
⌨️ Probes for wlwmanifest.xml everywhere
Hacking
Web App Attack
TPI-Abuse
2025-01-22 01:05:39
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 34.127.79.247 (247.79.127.34.bc.googleuserconte ... show more (mod_security) mod_security (id:225170) triggered by 34.127.79.247 (247.79.127.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 21 20:05:36.491354 2025] [security2:error] [pid 5004:tid 5004] [client 34.127.79.247:58624] [client 34.127.79.247] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nancyscafeandcatering.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nancyscafeandcatering.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z5BEYNXlqxc4tU_gHxlXWgAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TheMadBeaker
2025-01-22 01:03:48
(2 weeks ago)
Fail2Ban Ban Triggered
Wordpress Attack Attempt
Brute-Force
Web App Attack
ecodehost.com
2025-01-22 01:03:21
(2 weeks ago)
Domain : ecodehost.com
Rule : env
2025-01-22 00:42:05 10.100.1.20 GET /cms/wp-includes/w ... show more Domain : ecodehost.com
Rule : env
2025-01-22 00:42:05 10.100.1.20 GET /cms/wp-includes/wlwmanifest.xml - 443 - 34.127.79.247 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 - www.ecodehost.com 404 0 2 1384 409 409 - - show less
Hacking
SQL Injection
hostopya.com
2025-01-22 01:00:26
(2 weeks ago)
AUTOMATED REPORT: Attempting to access Wordpress wlwmanifest.xml file.
Hacking
exxos
2025-01-22 00:52:34
(2 weeks ago)
http-no-verb
Hacking
COMAITE
2025-01-22 00:52:19
(2 weeks ago)
Multiple web server 400 error codes from same source ip 34.127.79.247.
Web App Attack
Anonymous
2025-01-22 00:47:48
(2 weeks ago)
Fail2ban block
Brute-Force
Web App Attack
vestibtech
2025-01-22 00:44:05
(2 weeks ago)
34.127.79.247 - - [21/Jan/2025:17:44:05 -0700] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 1018 ... show more 34.127.79.247 - - [21/Jan/2025:17:44:05 -0700] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 10180 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
... show less
Web App Attack
ecodehost.com
2025-01-22 00:43:43
(2 weeks ago)
Domain : ecodehost.com
Rule : xmlrpc
2025-01-22 00:42:00 10.100.1.20 GET /xmlrpc.php rsd ... show more Domain : ecodehost.com
Rule : xmlrpc
2025-01-22 00:42:00 10.100.1.20 GET /xmlrpc.php rsd 443 - 34.127.79.247 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 - www.ecodehost.com 404 0 2 1384 382 387 - - show less
Web App Attack
Cloudkul Cloudkul
2025-01-22 00:35:07
(2 weeks ago)
Multiple unauthorized attempts to access web resources
Brute-Force
Web App Attack
Burayot
2025-01-22 00:33:48
(2 weeks ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.127.79.247 (US/United States/247 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.127.79.247 (US/United States/247.79.127.34.bc.googleusercontent.com): 1 in the last 3600 secs show less
Web App Attack
kosada.com
2025-01-22 00:31:17
(2 weeks ago)
Web vulnerability probing
Web App Attack
Anonymous
2025-01-22 00:31:00
(2 weeks ago)
Action: Block, Reason: DDOS attack detected
DDoS Attack