Apache
2024-11-18 05:39:35
(2 months ago)
(mod_security) mod_security (id:210410) triggered by 93.152.220.168 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:210410) triggered by 93.152.220.168 (US/United States/-): 5 in the last 300 secs show less
Brute-Force
Web App Attack
Anonymous
2024-11-18 03:55:15
(2 months ago)
Unauthorized connection attempt detected in the last 24 hours
Hacking
Savvii
2024-11-18 03:35:59
(2 months ago)
10 attempts against mh_ha-misc-ban on lead
Brute-Force
Web App Attack
Cookie
2024-11-18 01:36:15
(2 months ago)
Blocked by UFW (TCP on port 80).
Source port: 44870
TTL: 55
Packet length: 60<br / ... show more Blocked by UFW (TCP on port 80).
Source port: 44870
TTL: 55
Packet length: 60
TOS: 0x00
Timestamp: 2024-11-18 01:36:14 [Europe/Warsaw]
This report (for 93.152.220.168) was generated by:
https://github.com/sefinek24/UFW-AbuseIPDB-Reporter show less
Port Scan
Web App Attack
maxxsense
2024-11-18 01:21:37
(2 months ago)
(wordpress) Failed wordpress login from 93.152.220.168 (US/United States/-)
Brute-Force
Rcat
2024-11-17 21:47:10
(2 months ago)
93.152.220.168 - - [18/Nov/2024:06:47:08 +0900] "GET / HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows N ... show more 93.152.220.168 - - [18/Nov/2024:06:47:08 +0900] "GET / HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
93.152.220.168 - - [18/Nov/2024:06:47:08 +0900] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
93.152.220.168 - - [18/Nov/2024:06:47:09 +0900] "GET /feed/ HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
93.152.220.168 - - [18/Nov/2024:06:47:09 +0900] "GET /xmlrpc.php?rsd HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
93.152.220.168 - - [18/Nov/2024:06:47:09 +0900] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML,
... show less
DDoS Attack
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
IoT Targeted
mnsf
2024-11-17 20:11:09
(2 months ago)
Too many Status 40X (12)
Request Overload (102)
Brute-Force
Web App Attack
cmbplf
2024-11-17 18:33:14
(2 months ago)
2.650 requests to */xmlrpc.php
Brute-Force
Bad Web Bot
Ba-Yu
2024-11-17 18:04:56
(2 months ago)
WordPress hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
Savvii
2024-11-17 16:37:27
(2 months ago)
10 attempts against mh-misc-ban on cell
Web App Attack
TPI-Abuse
2024-11-16 03:55:28
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 93.152.220.168 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 93.152.220.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 15 22:55:17.968548 2024] [security2:error] [pid 11342:tid 11342] [client 93.152.220.168:58172] [client 93.152.220.168] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.atlantaliveworship.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.atlantaliveworship.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzgXpQuV6E0PNPHobuO1dQAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-11-16 03:32:07
(2 months ago)
10 attempts against mh_ha-misc-ban on lead
Brute-Force
Web App Attack
Anonymous
2024-11-16 02:56:33
(2 months ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
Cookie
2024-11-16 02:26:15
(2 months ago)
Blocked by UFW (TCP on port 80).
Source port: 51742
TTL: 55
Packet length: 60<br / ... show more Blocked by UFW (TCP on port 80).
Source port: 51742
TTL: 55
Packet length: 60
TOS: 0x00
Timestamp: 2024-11-16 02:26:15 [Europe/Warsaw]
This report (for 93.152.220.168) was generated by:
https://github.com/sefinek24/UFW-AbuseIPDB-Reporter show less
Port Scan
Web App Attack
weblite
2024-11-16 02:23:32
(2 months ago)
WP_AUTHOR_SCANNING WP_XMLRPC_ABUSE
Brute-Force
Web App Attack