MAGIC
2024-10-29 18:04:38
(4 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-10-25 06:36:13
(1 week ago)
Fail2Ban - Nginx Bot Probes
Web App Attack
MAGIC
2024-10-21 12:01:55
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
nationaleventpros.com
2024-10-19 09:47:06
(2 weeks ago)
WordPress login attempt
Brute-Force
URAN Publishing Service
2024-10-17 17:26:56
(2 weeks ago)
86.98.108.82 - - [17/Oct/2024:20:26:54 +0300] "GET /wp-login.php HTTP/1.1" 404 2619 "-" "Mozilla/5.0 ... show more 86.98.108.82 - - [17/Oct/2024:20:26:54 +0300] "GET /wp-login.php HTTP/1.1" 404 2619 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
86.98.108.82 - - [17/Oct/2024:20:26:55 +0300] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
... show less
Web App Attack
Anonymous
2024-10-16 06:01:36
(2 weeks ago)
Fail2Ban - Nginx Bot Probes
Web App Attack
TPI-Abuse
2024-10-06 18:17:58
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 86.98.108.82 (bba-86-98-108-82.alshamil.net.ae) ... show more (mod_security) mod_security (id:225170) triggered by 86.98.108.82 (bba-86-98-108-82.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 06 14:17:53.758961 2024] [security2:error] [pid 5303:tid 5366] [client 86.98.108.82:19457] [client 86.98.108.82] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||whitecrosslibrary.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "whitecrosslibrary.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZwLUUSP4bQL8OXPMS03I1gAAAtY"] show less
Brute-Force
Bad Web Bot
Web App Attack
Hirte
2024-10-06 13:43:51
(3 weeks ago)
SS5: Web Attack GET /wp-login.php
Web Spam
Hacking
Bad Web Bot
Web App Attack
ALPHANET
2024-10-06 06:34:52
(3 weeks ago)
web exploits
Hacking
Exploited Host
Web App Attack
TPI-Abuse
2024-10-05 15:27:25
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 86.98.108.82 (bba-86-98-108-82.alshamil.net.ae) ... show more (mod_security) mod_security (id:225170) triggered by 86.98.108.82 (bba-86-98-108-82.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 05 11:27:18.313068 2024] [security2:error] [pid 16022:tid 16022] [client 86.98.108.82:19293] [client 86.98.108.82] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.newdirectionsinmusic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.newdirectionsinmusic.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZwFa1lqammIVWuqa5T6BogAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-09-30 08:06:18
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-09-25 06:51:02
(1 month ago)
Malicious activity detected
Hacking
Web App Attack
TPI-Abuse
2024-09-24 07:41:59
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 86.98.108.82 (bba-86-98-108-82.alshamil.net.ae) ... show more (mod_security) mod_security (id:225170) triggered by 86.98.108.82 (bba-86-98-108-82.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 03:41:54.331363 2024] [security2:error] [pid 2166:tid 2166] [client 86.98.108.82:13713] [client 86.98.108.82] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.wild-goose.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wild-goose.net"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZvJtQlTTYojGm9-mUwHfyQAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
theEngineer
2024-09-23 10:06:29
(1 month ago)
[11:06:28] 11: Scanning for Exploits - /wp-login.php
Hacking
Web App Attack