Anonymous
|
|
[18/Jan/2025:18:45:18 +1100] "GET /wp-json/wp/v2/users HTTP/1.1" 301 260 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
|
Hacking
Web App Attack
|
|
Progetto1
|
|
Website Scanning / Scraping
|
Bad Web Bot
Exploited Host
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 156.228.179.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 13 15:38:19.203527 2025] [security2:error] [pid 2785:tid 2785] [client 156.228.179.249:22423] [client 156.228.179.249] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||magodarman.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "magodarman.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4V5ux2NPckhQUGYhV5GywAAABU"], referer: https://www.google.com
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
thedreamer.nl
|
|
156.228.179.249 - - [09/Jan/2025:13:50:53 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" "DE" "-" "51.29930" "9.49100"
156.228.179.249 - - [09/Jan/2025:13:50:55 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" "DE" "-" "51.29930" "9.49100"
156.228.179.249 - - [09/Jan/2025:13:50:56 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" "DE" "-" "51.29930" "9.49100"
156.228.179.249 - - [09/Jan/2025:13:50:57 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" "DE" "-" "51.29930" "9.49100"
...
|
Hacking
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 156.228.179.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 06 11:28:34.473031 2025] [security2:error] [pid 29127:tid 29127] [client 156.228.179.249:57989] [client 156.228.179.249] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cormanleigh.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cormanleigh.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z3wEsj8wJJDJfkXiV52FSgAAAAw"], referer: https://www.google.com
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 156.228.179.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 05 03:37:31.280422 2025] [security2:error] [pid 789082:tid 789082] [client 156.228.179.249:35599] [client 156.228.179.249] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||andrsn.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "andrsn.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z3pEy4WsYc3-2uJZCp7t8QAAAAA"], referer: https://www.google.com
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 156.228.179.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 25 02:58:29.510067 2024] [security2:error] [pid 22855:tid 22855] [client 156.228.179.249:49775] [client 156.228.179.249] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sarawatt.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sarawatt.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z2u7JXKJcv8IaIqyISr3zQAAAAM"], referer: https://www.google.com
|
Brute-Force
Bad Web Bot
Web App Attack
|
|