TPI-Abuse
2024-07-12 21:13:42
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 128.199.167.100 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 128.199.167.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 12 17:13:38.983149 2024] [security2:error] [pid 22100] [client 128.199.167.100:49234] [client 128.199.167.100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nancymahrer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nancymahrer.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZpGcgsOJ_F57Q9_tWckTkwAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
HoneyPotEU02
2024-07-11 08:21:32
(2 months ago)
wordpress-trap
Web App Attack
Teniente Dan
2024-07-11 04:10:29
(2 months ago)
GET="/wp-login.php" Mozilla/5.0
Web App Attack
HoneyPotEU02
2024-07-11 03:31:54
(2 months ago)
wordpress-trap
Web App Attack
Vegascosmetics
2024-07-10 06:01:55
(2 months ago)
Excessive BAD Request Abuse
Bad Web Bot
TPI-Abuse
2024-07-09 22:38:25
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 128.199.167.100 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 128.199.167.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 09 18:38:21.841182 2024] [security2:error] [pid 31579] [client 128.199.167.100:62768] [client 128.199.167.100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||drdot.xyz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "drdot.xyz"] [uri "/wp-json/wp/v2/users/"] [unique_id "Zo273Vlx-f4QwrYhRinTQgAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
Ba-Yu
2024-07-09 19:59:34
(2 months ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
TPI-Abuse
2024-07-09 17:27:03
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 128.199.167.100 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 128.199.167.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 09 13:26:59.826637 2024] [security2:error] [pid 27473] [client 128.199.167.100:55297] [client 128.199.167.100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||adlabsnetworks.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "adlabsnetworks.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "Zo1y44LyU8Dvpkt-isxyVAAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-09 09:28:50
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 128.199.167.100 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 128.199.167.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 09 05:28:46.623718 2024] [security2:error] [pid 17266] [client 128.199.167.100:60773] [client 128.199.167.100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.97films.media|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.97films.media"] [uri "/wp-json/wp/v2/users/"] [unique_id "Zo0CzuibREIQd89cAZ96XQAAABo"] show less
Brute-Force
Bad Web Bot
Web App Attack
10dencehispahard SL
2024-07-09 08:02:49
(2 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
mnsf
2024-07-09 07:02:02
(2 months ago)
Xmlrpc Caught (6)
Brute-Force
Web App Attack
ParaBug
2024-07-09 06:32:35
(2 months ago)
128.199.167.100 - - [09/Jul/2024:08:32:34 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 40 ... show more 128.199.167.100 - - [09/Jul/2024:08:32:34 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 405 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
... show less
Phishing
Brute-Force
Web App Attack
pusathosting.com
2024-07-09 06:27:03
(2 months ago)
2ds22 bruteforce
Brute-Force
Web App Attack
Anonymous
2024-07-09 06:22:30
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
cmbplf
2024-07-08 06:24:07
(2 months ago)
781 POST requests to */wp-login.php
199 requests to */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot