zynex
|
|
URL Probing: /wp-login.php
|
Web App Attack
|
|
Hirte
|
|
ABV: Web Attack GET /wp-login.php
|
Web Spam
Hacking
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 155.12.57.174 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225170) triggered by 155.12.57.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 08 13:47:42.491208 2024] [security2:error] [pid 28817:tid 28939] [client 155.12.57.174:65330] [client 155.12.57.174] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.wdmtexas.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wdmtexas.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zy5czjuwRswqPU2sMwB-VQAAARI"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 155.12.57.174 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225170) triggered by 155.12.57.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 06 09:09:23.399606 2024] [security2:error] [pid 1330150:tid 1330150] [client 155.12.57.174:18261] [client 155.12.57.174] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||chickiesbeef.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "chickiesbeef.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zyt4k6_PYN1M0dNUFzafUAAAABE"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Sklurk
|
|
Web App Attack
|
Web App Attack
|
|
exxos
|
|
web exploits attack
|
Web App Attack
|
|
Hirte
|
|
DIS: Web Attack GET /wp-login.php
|
Web Spam
Hacking
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Fail2Ban - Nginx Bot Probes
|
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 155.12.57.174 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225170) triggered by 155.12.57.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 11:39:02.443191 2024] [security2:error] [pid 15131:tid 15131] [client 155.12.57.174:23479] [client 155.12.57.174] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||anegadabeachclub.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "anegadabeachclub.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZsdblljXZKGDNMpFLispKwAAABg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Steve
|
|
Attempts against non-existent wordpress site
|
Brute-Force
Web App Attack
|
|
URAN Publishing Service
|
|
155.12.57.174 - - [13/Jul/2024:11:11:02 +0300] "GET /wp-login.php HTTP/1.1" 404 3208 "-" "Mozilla/5. ... show more155.12.57.174 - - [13/Jul/2024:11:11:02 +0300] "GET /wp-login.php HTTP/1.1" 404 3208 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
155.12.57.174 - - [13/Jul/2024:11:11:03 +0300] "GET /xmlrpc.php HTTP/1.1" 404 538 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
... show less
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 155.12.57.174 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225170) triggered by 155.12.57.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 01 04:54:02.967717 2024] [security2:error] [pid 15830] [client 155.12.57.174:16687] [client 155.12.57.174] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.quickasawink.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.quickasawink.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZoJuqjAgzfn1wRiogAb58wAAAAA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 155.12.57.174 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225170) triggered by 155.12.57.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 21 08:34:26.553760 2024] [security2:error] [pid 10394] [client 155.12.57.174:50377] [client 155.12.57.174] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.kupcakz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.kupcakz.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZnVzUqWQ6CUFERu9ed4zpgAAAAg"] show less
|
Brute-Force
Brute-Force
Bad Web Bot
Bad Web Bot
Web App Attack
Web App Attack
|
|