Anonymous
2024-08-09 04:04:25
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
leolemos
2024-08-08 09:43:05
(1 month ago)
45.66.231.169 - - [08/Aug/2024:05:53:14 -0300] "POST /wp-login.php HTTP/2.0" 200 3372 "-" "Mozilla/5 ... show more 45.66.231.169 - - [08/Aug/2024:05:53:14 -0300] "POST /wp-login.php HTTP/2.0" 200 3372 "-" "Mozilla/5.0"
45.66.231.169 - - [08/Aug/2024:06:43:03 -0300] "POST /wp-login.php HTTP/2.0" 200 3372 "-" "Mozilla/5.0"
45.66.231.169 - - [08/Aug/2024:06:43:03 -0300] "POST /wp-login.php HTTP/2.0" 200 3375 "-" "Mozilla/5.0"
45.66.231.169 - - [08/Aug/2024:06:43:03 -0300] "POST /wp-login.php HTTP/2.0" 200 3372 "-" "Mozilla/5.0" show less
Brute-Force
Web App Attack
akasolutions.de
2024-08-08 08:54:56
(1 month ago)
(wordpress) Failed wordpress login from 45.66.231.169 (BG/Bulgaria/-)
Brute-Force
Jaime
2024-08-08 05:25:00
(1 month ago)
45.66.231.169 - Access forbidden ... /wp-login.php
Brute-Force
statistics indonesia
2024-08-07 09:38:48
(2 months ago)
WP Login Scan Activities
Web App Attack
Kenshin869
2024-08-07 07:55:39
(2 months ago)
W4 Wordpress unauthorized access attempt
Brute-Force
COMAITE
2024-08-07 07:12:17
(2 months ago)
Multiple web server 400 error codes from same source ip 45.66.231.169.
Web App Attack
TPI-Abuse
2024-08-07 06:29:25
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 45.66.231.169 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.66.231.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 07 02:29:17.678736 2024] [security2:error] [pid 376:tid 396] [client 45.66.231.169:56277] [client 45.66.231.169] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.buick-reatta.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.buick-reatta.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZrMUPY17u1xq8ceq0I6igAAAAko"] show less
Brute-Force
Bad Web Bot
Web App Attack
taivas.nl
2024-08-07 04:32:24
(2 months ago)
Many_bad_calls
Web App Attack
strefapi_com
2024-08-07 04:22:58
(2 months ago)
Brute-force web
...
Hacking
Brute-Force
Web App Attack
Anonymous
2024-08-07 03:23:02
(2 months ago)
Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1, GET //wp-json/oembed/1.0/embed?u ... show more Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1, GET //wp-json/oembed/1.0/embed?url=https://wetenschap.nu/ HTTP/ show less
Hacking
Web App Attack
aricooperdavis
2024-08-07 03:18:13
(2 months ago)
Probe for vulnerabilities. Path attempted: /wp-includes/wlwmanifest
Web App Attack
leolemos
2024-08-07 01:17:17
(2 months ago)
45.66.231.169 - - [06/Aug/2024:22:17:15 -0300] "POST //xmlrpc.php HTTP/2.0" 200 477 "-" "Mozilla/5.0 ... show more 45.66.231.169 - - [06/Aug/2024:22:17:15 -0300] "POST //xmlrpc.php HTTP/2.0" 200 477 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
45.66.231.169 - - [06/Aug/2024:22:17:16 -0300] "POST //xmlrpc.php HTTP/2.0" 200 294 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
45.66.231.169 - - [06/Aug/2024:22:17:16 -0300] "POST //xmlrpc.php HTTP/2.0" 200 242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
45.66.231.169 - - [06/Aug/2024:22:17:16 -0300] "POST //xmlrpc.php HTTP/2.0" 200 271 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" show less
Brute-Force
Web App Attack
0xffffffff
2024-08-07 01:14:53
(2 months ago)
[2024-08-07 04:14:52.081101] [authz_core:error] [pid 407422:tid 140033481963072] [client 45.66.231.1 ... show more [2024-08-07 04:14:52.081101] [authz_core:error] [pid 407422:tid 140033481963072] [client 45.66.231.169:0] AH01630: client denied by server configuration: /var/www/*/wp-includes/wlwmanifest.xml , error_notes:double-slash , URI:'/wp-includes/wlwmanifest.xml'
[2024-08-07 04:14:52.121649] [authz_core:error] [pid 407422:tid 140033473553984] [client 45.66.231.169:0] AH01630: client denied by server configuration: /var/www/*/xmlrpc.php , error_notes:double-slash , URI:'/xmlrpc.php?rsd'
[2024-08-07 04:14:52.419341] [authz_core:error] [pid 407422:tid 140033666799168] [client 45.66.231.169:0] AH01630: client denied by server configuration: /var/www/*/ , error_notes:double-slash , URI:'/?author=1'
[2024-08-07 04:14:52.439598] [authz_core:error] [pid 407422:tid 140033658406464] [client 45.66.231.169:0] AH01630: client denied by server configuration: /var/www/*/ , error_notes:double-slash , URI:'/?author=2'
[2024-08-07 04:14:52.460062] [authz_core:error] [pid 407422:tid 140033650013760] [client 45.66.231.169:0] AH01630: c show less
Bad Web Bot
Web App Attack
Cloudkul Cloudkul
2024-08-07 00:54:03
(2 months ago)
Attempted Not Found (404 status code) requests on our application, more than 30% of their total requ ... show more Attempted Not Found (404 status code) requests on our application, more than 30% of their total requests. show less
Brute-Force
Web App Attack