MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
|
DDoS Attack
Bad Web Bot
|
|
SilverZippo
|
|
Web App Attack
|
Web App Attack
|
|
Hirte
|
|
MYH: Web Attack GET /wp-login.php
|
Web Spam
Hacking
Bad Web Bot
Web App Attack
|
|
nationaleventpros.com
|
|
WordPress login attempt
|
Brute-Force
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
|
DDoS Attack
Bad Web Bot
|
|
URAN Publishing Service
|
|
1.237.221.147 - - [30/Oct/2024:12:25:52 +0200] "GET /wp-login.php HTTP/1.1" 404 2848 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
1.237.221.147 - - [30/Oct/2024:12:25:54 +0200] "GET /xmlrpc.php HTTP/1.1" 404 538 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 1.237.221.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 13:17:18.492370 2024] [security2:error] [pid 8197:tid 8197] [client 1.237.221.147:59295] [client 1.237.221.147] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||salernospizza.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "salernospizza.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zx51nkWBKpyNEYawShEjIQAAABA"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Sklurk
|
|
Web App Attack
|
Web App Attack
|
|
botreporter
|
|
CMS vulnerability/installation scanning
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 1.237.221.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 09:53:21.479734 2024] [security2:error] [pid 20410:tid 20410] [client 1.237.221.147:54325] [client 1.237.221.147] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.newdirectionsinmusic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.newdirectionsinmusic.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zrdw0TPbT790tdZ1z10HNAAAACY"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 1.237.221.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 16 07:30:39.441731 2024] [security2:error] [pid 8379] [client 1.237.221.147:64598] [client 1.237.221.147] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.walc.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.walc.net"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZpZZ3_Mq50UR6UhXw7jBYAAAABE"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
nationaleventpros.com
|
|
WordPress login attempt
|
Brute-Force
|
|
Anonymous
|
|
Malicious activity detected
|
Hacking
Web App Attack
|
|
Anonymous
|
|
Bot / scanning and/or hacking attempts: GET /wp-login.php HTTP/1.1, GET /xmlrpc.php HTTP/1.1
|
Hacking
Web App Attack
|
|
URAN Publishing Service
|
|
1.237.221.147 - - [26/May/2024:14:30:13 +0300] "GET /wp-login.php HTTP/1.1" 404 3203 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
1.237.221.147 - - [26/May/2024:14:30:16 +0300] "GET /xmlrpc.php HTTP/1.1" 404 542 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
|
Web App Attack
|
|