bescared
2024-07-17 12:12:00
(4 months ago)
Malicious activity detected: URL probing.
Hacking
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-17 08:19:45
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 17 04:19:40.127606 2024] [security2:error] [pid 680:tid 680] [client 189.90.59.146:50812] [client 189.90.59.146] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lukeschicago.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lukeschicago.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zpd-nNFADz82qvHJqDcymgAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-07-04 10:12:33
(5 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-06-26 17:03:43
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 26 13:03:37.409128 2024] [security2:error] [pid 20860:tid 47852568401664] [client 189.90.59.146:50553] [client 189.90.59.146] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||woofnrose.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "woofnrose.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZnxJ6Ql71GRcj-t_sPG8IgAAAhI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-06-21 02:13:20
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 20 22:13:14.976926 2024] [security2:error] [pid 29925] [client 189.90.59.146:53953] [client 189.90.59.146] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||twincitytn.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "twincitytn.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZnThuhIvebcTzGzd43UOUwAAAAs"] show less
Brute-Force
Brute-Force
Bad Web Bot
Bad Web Bot
Web App Attack
Web App Attack
SilverZippo
2024-06-12 15:07:02
(5 months ago)
Web App Attack
Web App Attack
ManagedStack
2024-06-06 01:39:39
(6 months ago)
Wordpress Attack
Web App Attack
TPI-Abuse
2024-05-30 07:56:11
(6 months ago)
(mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 30 03:56:04.311243 2024] [security2:error] [pid 1680004] [client 189.90.59.146:61153] [client 189.90.59.146] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.walc.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.walc.net"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZlgxFPYNG4ikIQupT2txAAAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
nationaleventpros.com
2024-05-27 05:38:20
(6 months ago)
WordPress login attempt
Brute-Force
afleventoffice.com.au
2024-05-25 03:39:55
(6 months ago)
Web App Attack
URAN Publishing Service
2024-05-23 16:29:15
(6 months ago)
189.90.59.146 - - [23/May/2024:19:29:14 +0300] "GET /wp-login.php HTTP/1.1" 404 2968 "-" "Mozilla/5. ... show more 189.90.59.146 - - [23/May/2024:19:29:14 +0300] "GET /wp-login.php HTTP/1.1" 404 2968 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
189.90.59.146 - - [23/May/2024:19:29:14 +0300] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
... show less
Web App Attack
TPI-Abuse
2024-04-19 20:49:54
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 19 16:49:47.049021 2024] [security2:error] [pid 29286:tid 47773837772544] [client 189.90.59.146:57268] [client 189.90.59.146] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mcdonaldmountainranch.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mcdonaldmountainranch.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZiLY67L2OQ-M3g4EOcoW1gAAAJc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Sklurk
2024-04-17 23:19:10
(7 months ago)
Web App Attack
Web App Attack
10dencehispahard SL
2024-04-15 19:00:05
(7 months ago)
Unauthorized login attempts [ wordpress-xmlrpc, wordpress]
Brute-Force
Web App Attack
Anonymous
2024-04-15 15:53:13
(7 months ago)
Brute forcing Wordpress login
Hacking
Web App Attack