Anonymous
|
|
apache-wordpress-login
|
Brute-Force
Web App Attack
|
|
noise.agency
|
|
(wordpress) Failed wordpress login from 185.152.93.250 (RU/Russia/visit.keznews.com)
|
Brute-Force
|
|
sms.ru
|
|
SMS pumping attack from foreign country
|
DDoS Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 185.152.93.250 (visit.keznews.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 05 09:27:47.656058 2024] [security2:error] [pid 13679] [client 185.152.93.250:53397] [client 185.152.93.250] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||shelbysmoak.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "shelbysmoak.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZmBn00wpbSLrvgNIfT5VcgAAAB8"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 185.152.93.250 (visit.keznews.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 05 08:49:16.485042 2024] [security2:error] [pid 29213:tid 47029476271872] [client 185.152.93.250:48283] [client 185.152.93.250] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||seriousgames-system.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "seriousgames-system.info"] [uri "/wp-json/wp/v2/users"] [unique_id "ZmBezPxndzAcZV4lJdDp3QAAAEk"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 185.152.93.250 (visit.keznews.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 01 18:21:41.543058 2024] [security2:error] [pid 29160:tid 47138468644608] [client 185.152.93.250:23077] [client 185.152.93.250] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||culturallyyours.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "culturallyyours.org"] [uri "/wp-json/wp/v2/users"] [unique_id "Zlue9XDQ01VhJJNl2xaFcgAAAI0"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 185.152.93.250 (visit.keznews.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 01 08:59:59.942609 2024] [security2:error] [pid 31943] [client 185.152.93.250:13495] [client 185.152.93.250] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||circleofsound.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "circleofsound.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ZlsbT6jkv8QRAQuXyLuPPQAAAAw"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
10dencehispahard SL
|
|
Unauthorized login attempts [accesslogs]
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 185.152.93.250 (visit.keznews.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 30 11:40:04.197826 2024] [security2:error] [pid 30928] [client 185.152.93.250:51307] [client 185.152.93.250] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||adlabsnetworks.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "adlabsnetworks.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Zlid1K1oygGcZhI_NybaxgAAAAc"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
rafix
|
|
Scraping website, using different user agents, not waiting for response, #botnet20231026
|
DDoS Attack
Bad Web Bot
|
|