๐ต๐ญ
Nan Ngadan Ko
2023-01-16 23:17:47
(3 years ago)
unauthenticated action
Hacking
๐ฉ๐ฐ
buusbudde.dk
2023-01-16 04:53:31
(3 years ago)
[Mon Jan 16 05:53:27.899167 2023] [:error] [pid 1618310] [client 5.75.199.140:50613] [client 5.75.19 ...
show more
[Mon Jan 16 05:53:27.899167 2023] [:error] [pid 1618310] [client 5.75.199.140:50613] [client 5.75.199.140] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "juliabudde.com"] [uri "/wp-content/plugins/ioptimizations/IOptimizes.php"] [unique_id "Y8TYR56gx9WB9sfYvmXQlAAAAAE"], referer: www.google.com
[Mon Jan 16 05:53:30.163882 2023] [:error] [pid 1633353] [client 5.75.199.140:53732] [client 5.75.199.140] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded
...
show less
Web App Attack
๐ฉ๐ช
ut-addicted.com
2023-01-16 02:29:54
(3 years ago)
\[Mon Jan 16 03:29:51.986319 2023\] \[:error\] \[pid 28383:tid 140595720812288\] \[client 5.75.199.1 ...
show more
\[Mon Jan 16 03:29:51.986319 2023\] \[:error\] \[pid 28383:tid 140595720812288\] \[client 5.75.199.140:52520\] \[client 5.75.199.140\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "ut-addicted.com"\] \[uri "/wp-content/plugins/ioptimizations/IOptimizes.php"\] \[unique_id "Y8S2n20QrbbZwN4HLcsuMgAAANE"\], referer: www.google.com
show less
Brute-Force
Web App Attack
Anonymous
2023-01-16 00:29:59
(3 years ago)
Persistent attempts to access WordPress plugins
Web App Attack
๐ง๐ท
AC - Team
2023-01-15 23:46:17
(3 years ago)
5.75.199.140 - - [15/Jan/2023:20:46:15 -0300] "GET /wp-content/plugins/wpcargo/includes/barcode.php? ...
show more
5.75.199.140 - - [15/Jan/2023:20:46:15 -0300] "GET /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath=../../../x.php HTTP/2.0" 301 894 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
...
show less
Hacking
Web App Attack
๐บ๐ธ
RLDD
2023-01-15 19:59:29
(3 years ago)
WP probing for vulnerabilities -eld
Web App Attack
๐บ๐ธ
MortimerCat
2023-01-15 16:52:52
(3 years ago)
Trying to access wordpress plugins
Web App Attack
๐ฆ๐บ
ozisp.com.au
2023-01-15 11:20:12
(3 years ago)
RU_HOS-GUN_<33>1673781610 [1:2011768:4] ET WEB_SERVER PHP tags in HTTP POST [Classification: Web App ...
show more
RU_HOS-GUN_<33>1673781610 [1:2011768:4] ET WEB_SERVER PHP tags in HTTP POST [Classification: Web Application Attack] [Priority: 1] {TCP} 5.75.199.140:52474
show less
Hacking
๐ง๐ท
AC - Team
2023-01-15 09:32:33
(3 years ago)
5.75.199.140 - - [15/Jan/2023:06:32:32 -0300] "GET /wp-content/plugins/wpcargo/includes/barcode.php? ...
show more
5.75.199.140 - - [15/Jan/2023:06:32:32 -0300] "GET /wp-content/plugins/wpcargo/includes/barcode.php?text=x1x1111x1xx1xx111xx11111xx1x111x1x1x1xxx11x1111xx1x11xxxx1xx1xxxxx1x1x1xx1x1x11xx1xxxx1x11xx111xxx1xx1xx1x1x1xxx11x1111xxx1xxx1xx1x111xxx1x1xx1xxx1x1x1xx1x1x11xxx11xx1x11xx111xx1xxx1xx11x1x11x11x1111x1x11111x1x1xxxx&sizefactor=.090909090909&size=1&filepath=../../../x.php HTTP/1.1" 301 2336 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
...
show less
Hacking
Web App Attack
๐ณ๐ฑ
tmiland
2023-01-15 08:03:13
(3 years ago)
(wordpress_404) WordPress Plugins Honeypot Trap 5.75.199.140 (DE/Germany/static.140.199.75.5.clients ...
show more
(wordpress_404) WordPress Plugins Honeypot Trap 5.75.199.140 (DE/Germany/static.140.199.75.5.clients.your-server.de): 2 in the last 3600 secs
show less
Blog Spam
Brute-Force
Web App Attack
๐ง๐ช
taivas.nl
2023-01-15 05:32:17
(3 years ago)
Many_bad_calls
Web App Attack
๐ฎ๐ช
RoboSOC
2023-01-15 03:14:09
(3 years ago)
WordPress WPCargo Track and Trace Plugin Code Execution Vulnerability, PTR: static.140.199.75.5.clie ...
show more
WordPress WPCargo Track and Trace Plugin Code Execution Vulnerability, PTR: static.140.199.75.5.clients.your-server.de.
show less
Hacking
๐ง๐ช
taivas.nl
2023-01-15 03:02:02
(3 years ago)
Wordpress_Attack
Web App Attack
๐ฉ๐ช
Kreapptivo
2023-01-15 01:58:37
(3 years ago)
[15/Jan/2023:02:58:36 +0100] Web-Request: "POST /wp-content/plugins/apikey/apikey.php", User-Agent: ...
show more
[15/Jan/2023:02:58:36 +0100] Web-Request: "POST /wp-content/plugins/apikey/apikey.php", User-Agent: "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
show less
Bad Web Bot
Web App Attack