Anonymous
2024-10-07 19:16:02
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
corthorn
2024-10-02 20:05:15
(1 week ago)
85.128.143.30 - - [02/Oct/2024:22:05:12 +0200] "POST /wp-login.php HTTP/1.1" 200 6334 "https://gomis ... show more 85.128.143.30 - - [02/Oct/2024:22:05:12 +0200] "POST /wp-login.php HTTP/1.1" 200 6334 "https://gomisti.al/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
... show less
Brute-Force
quicksand
2024-09-13 03:37:49
(1 month ago)
Malicious URI path & NULL user agent [GET /wp-content/plugins/wp-file-manager/css/fm_custom.css] [NU ... show more Malicious URI path & NULL user agent [GET /wp-content/plugins/wp-file-manager/css/fm_custom.css] [NULL user agent] **Reported from WAF sampled requests** show less
Bad Web Bot
Web App Attack
Anonymous
2024-09-13 03:31:17
(1 month ago)
wordpress-trap
Web App Attack
RLDD
2024-07-11 13:36:21
(3 months ago)
WP probing for vulnerabilities -mob
Web App Attack
RLDD
2024-07-11 08:23:53
(3 months ago)
WP login attempts -hux
Brute-Force
cmbplf
2024-07-05 17:24:15
(3 months ago)
656 requests to */xmlrpc.php
Brute-Force
Bad Web Bot
TPI-Abuse
2024-01-15 12:34:01
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 85.128.143.30 (static-akl30.rev.netart.com): 1 ... show more (mod_security) mod_security (id:225170) triggered by 85.128.143.30 (static-akl30.rev.netart.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 15 07:33:56.877191 2024] [security2:error] [pid 4271] [client 85.128.143.30:40182] [client 85.128.143.30] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||weddingmusicguitar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "weddingmusicguitar.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZaUmNC1VUTJHfONCKn5mnwAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-01-15 12:00:45
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 85.128.143.30 (static-akl30.rev.netart.com): 1 ... show more (mod_security) mod_security (id:225170) triggered by 85.128.143.30 (static-akl30.rev.netart.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 15 07:00:38.537187 2024] [security2:error] [pid 23148] [client 85.128.143.30:49294] [client 85.128.143.30] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.vangentholding.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.vangentholding.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZaUeZl5ILAVTG1jcuhvNdgAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
wnbhosting.dk
2024-01-11 21:54:08
(9 months ago)
WP xmlrpc [2024-01-11T22:54:08+01:00]
Hacking
Web App Attack
MAGIC
2023-12-29 15:15:20
(9 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
WebWizards.NZ
2023-12-16 02:45:54
(9 months ago)
Trolling for resource vulnerabilities
Web App Attack
Mr-Money
2023-12-16 01:28:13
(9 months ago)
85.128.143.30 - - [16/Dec/2023:02:28:13 +0100] "GET /wp-pano HTTP/2.0" 404 70685 "-" "Mozilla/5.0 (W ... show more 85.128.143.30 - - [16/Dec/2023:02:28:13 +0100] "GET /wp-pano HTTP/2.0" 404 70685 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 YaBrowser/21.8.1.468 Yowser/2.5 Safari/537.36"
... show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
bogdanv
2023-11-07 10:01:19
(11 months ago)
$f2bV_matches
DDoS Attack
Web Spam
SQL Injection
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2023-08-22 20:55:22
(1 year ago)
Web Spam
Email Spam
Blog Spam
Bad Web Bot
Web App Attack