SpaceHost-Server
2023-12-19 18:07:34
(1 year ago)
79.124.8.241 - - [19/Dec/2023:19:07:30 +0100] "POST /xmlrpc.php HTTP/1.1" 200 221 "-" "Mozilla/5.0 ( ... show more 79.124.8.241 - - [19/Dec/2023:19:07:30 +0100] "POST /xmlrpc.php HTTP/1.1" 200 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
79.124.8.241 - - [19/Dec/2023:19:07:31 +0100] "POST /xmlrpc.php HTTP/1.1" 200 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
79.124.8.241 - - [19/Dec/2023:19:07:34 +0100] "POST /xmlrpc.php HTTP/1.1" 200 221 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" show less
Hacking
Web App Attack
oncord
2023-12-18 09:46:33
(1 year ago)
Form spam
Web Spam
mawan
2023-12-18 01:38:26
(1 year ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Rizzy
2023-12-17 22:32:50
(1 year ago)
Multiple WAF Violations
Brute-Force
Web App Attack
Anonymous
2023-12-16 12:36:02
(1 year ago)
www.goldgier.de 79.124.8.241 [16/Dec/2023:13:35:59 +0100] "POST /xmlrpc.php HTTP/1.1" 200 5744 "-" " ... show more www.goldgier.de 79.124.8.241 [16/Dec/2023:13:35:59 +0100] "POST /xmlrpc.php HTTP/1.1" 200 5744 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
www.goldgier.de 79.124.8.241 [16/Dec/2023:13:36:01 +0100] "POST /xmlrpc.php HTTP/1.1" 200 5744 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" show less
Web App Attack
corthorn
2023-12-16 09:31:34
(1 year ago)
79.124.8.241 - - [16/Dec/2023:10:31:33 +0100] "POST /xmlrpc.php HTTP/1.1" 200 5655 "-" "Mozilla/5.0 ... show more 79.124.8.241 - - [16/Dec/2023:10:31:33 +0100] "POST /xmlrpc.php HTTP/1.1" 200 5655 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36"
... show less
Brute-Force
MAGIC
2023-12-14 15:09:08
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Swiptly
2023-12-12 17:32:37
(1 year ago)
WordPress xmlrpc spam or enumeration
...
Web Spam
Bad Web Bot
Web App Attack
TPI-Abuse
2023-12-12 07:02:09
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 79.124.8.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 12 02:02:05.226458 2023] [security2:error] [pid 2850] [client 79.124.8.241:39090] [client 79.124.8.241] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||maidsinmalta.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "maidsinmalta.com"] [uri "/2023-sinmalta.sql"] [unique_id "ZXgFbWTtR57c_F99HLby0gAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
niceshops.com
2023-12-06 10:54:25
(1 year ago)
Web Attack multi (Dec 23 11:54:24 Matching rules: Detect possible SQL injection - E.g. Sleep(5) )
SQL Injection
Brute-Force
Bad Web Bot
Web App Attack
niceshops.com
2023-12-05 10:45:56
(1 year ago)
Web Attack multi (Dec 23 11:45:56 Matching rules: Detect possible SQL injection - Too many SQL keyw ... show more Web Attack multi (Dec 23 11:45:56 Matching rules: Detect possible SQL injection - Too many SQL keywords (more than 3 times),Detect possible SQL injection - E.g. Select * from ) show less
SQL Injection
Brute-Force
Bad Web Bot
Web App Attack
security.rdmc.fr
2023-12-04 01:54:19
(1 year ago)
Port Scan Attack proto:TCP src:38672 dst:23
Port Scan
Rizzy
2023-12-02 03:21:25
(1 year ago)
Multiple WAF Violations
Brute-Force
Web App Attack
MAGIC
2023-11-30 20:01:53
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Ba-Yu
2023-11-30 17:34:23
(1 year ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack