|
๐ฒ๐ฝ
BodegaServer
|
|
34.30.142.251 - - [30/Dec/2024:13:55:12 -0600] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 200 448 " ...
show more
34.30.142.251 - - [30/Dec/2024:13:55:12 -0600] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 200 448 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
...
show less
|
Port Scan
Hacking
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 34.30.142.251 (251.142.30.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.30.142.251 (251.142.30.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 05 09:43:27.972179 2024] [security2:error] [pid 30014:tid 47967809574656] [client 34.30.142.251:40816] [client 34.30.142.251] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thecraftsycat.theyogicat.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thecraftsycat.theyogicat.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zecvj461xTvfcfUAbnbSPQAAAUU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 34.30.142.251 (251.142.30.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.30.142.251 (251.142.30.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 04 02:22:58.271468 2024] [security2:error] [pid 29985] [client 34.30.142.251:34586] [client 34.30.142.251] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.starcrestsales.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.starcrestsales.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZeV20kS5TCMCpi0nDexCmwAAAAE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 34.30.142.251 (251.142.30.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.30.142.251 (251.142.30.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 04 01:04:52.730396 2024] [security2:error] [pid 11156] [client 34.30.142.251:40706] [client 34.30.142.251] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.pixacast.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.pixacast.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZeVkhE4QliPwAjPiowzccAAAAAY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
mnsf
|
|
Scanning/Probing (11)
|
Brute-Force
Web App Attack
|
|
|
๐ซ๐ฎ
bittiguru.fi
|
|
WordPress brute force
|
Brute-Force
|
|
|
๐บ๐ธ
octageeks.com
|
|
Wordpress malicious attack:[octaxmlrpc]
|
Web App Attack
|
|
|
๐ฉ๐ฐ
wnbhosting.dk
|
|
WP xmlrpc [2024-02-25T05:53:27+01:00]
|
Hacking
Web App Attack
|
|
|
๐ฉ๐ฐ
wnbhosting.dk
|
|
WP xmlrpc [2024-02-24T22:47:35+01:00]
|
Hacking
Web App Attack
|
|
|
๐ฎ๐ช
Jim Keir
|
|
2024-02-24 13:49:31 34.30.142.251 File scanning, blocking 34.30.142.251 for 5 minutes
|
Web App Attack
|
|
|
๐ฎ๐ช
Jim Keir
|
|
2024-02-24 08:46:24 34.30.142.251 File scanning, blocking 34.30.142.251 for 5 minutes
|
Web App Attack
|
|
|
๐บ๐ธ
octageeks.com
|
|
Wordpress malicious attack:[octaxmlrpc]
|
Web App Attack
|
|
|
๐ฉ๐ช
Christian Schaffner
|
|
invalid_username,username_blacklisted from 34.30.142.251
|
Brute-Force
SSH
|
|
|
๐ซ๐ฎ
bittiguru.fi
|
|
34.30.142.251 - [22/Feb/2024:18:01:07 +0200] "POST /xmlrpc.php HTTP/1.1" 301 178 "-" "Mozilla/5.0 (W ...
show more
34.30.142.251 - [22/Feb/2024:18:01:07 +0200] "POST /xmlrpc.php HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" "-"
34.30.142.251 - [22/Feb/2024:18:01:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 469 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0" "-"
...
show less
|
Hacking
Brute-Force
Web App Attack
|
|
|
๐ฌ๐ง
Swiptly
|
|
WordPress xmlrpc spam or enumeration
...
|
Web Spam
Bad Web Bot
Web App Attack
|
|