danskefilm.dk
2024-04-11 11:30:01
(7 months ago)
wordpress login attempts
Web App Attack
URAN Publishing Service
2024-03-30 09:37:07
(8 months ago)
189.90.59.146 - - [30/Mar/2024:11:37:04 +0200] "GET /wp-login.php HTTP/1.1" 404 4777 "-" "Mozilla/5. ... show more 189.90.59.146 - - [30/Mar/2024:11:37:04 +0200] "GET /wp-login.php HTTP/1.1" 404 4777 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
189.90.59.146 - - [30/Mar/2024:11:37:06 +0200] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
... show less
Web App Attack
Anonymous
2024-03-30 02:31:37
(8 months ago)
Malicious activity detected
Hacking
Web App Attack
TPI-Abuse
2024-03-25 19:53:43
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 25 15:53:38.972282 2024] [security2:error] [pid 3613] [client 189.90.59.146:60627] [client 189.90.59.146] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||salernospizza.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "salernospizza.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZgHWQudTSdI2n3p8YQNlIwAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Hirte
2024-03-22 12:34:48
(8 months ago)
C1: Web Attack GET /wp-login.php
Web Spam
Hacking
Bad Web Bot
Web App Attack
MAGIC
2024-03-13 00:21:22
(8 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
10dencehispahard SL
2024-03-12 18:00:25
(8 months ago)
Unauthorized login attempts [ wordpress-xmlrpc, wordpress]
Brute-Force
Web App Attack
TPI-Abuse
2024-03-12 17:48:16
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 12 13:48:11.200845 2024] [security2:error] [pid 18120] [client 189.90.59.146:63856] [client 189.90.59.146] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nwtree.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nwtree.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZfCVWxq8peYQwCc7t7GizgAAABk"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-03-12 06:24:16
(8 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
axllent
2024-03-06 10:09:07
(8 months ago)
Wordpress login attempts
Brute-Force
Web App Attack
MAGIC
2024-03-03 01:00:14
(9 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
MAGIC
2024-02-26 03:10:41
(9 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-02-24 12:59:49
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 189.90.59.146 (189-90-59-146.unifique.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 07:59:43.742105 2024] [security2:error] [pid 29943] [client 189.90.59.146:49193] [client 189.90.59.146] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||grabagame.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "grabagame.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZdnoPwMCPHIyk0tHvTPZ2wAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
myagent.site
2024-02-20 14:03:42
(9 months ago)
Blocking for trying to access an exploit file: /xmlrpc.php
Hacking
URAN Publishing Service
2024-02-18 17:49:10
(9 months ago)
189.90.59.146 - - [18/Feb/2024:19:49:08 +0200] "GET /wp-login.php HTTP/1.1" 404 4775 "-" "Mozilla/5. ... show more 189.90.59.146 - - [18/Feb/2024:19:49:08 +0200] "GET /wp-login.php HTTP/1.1" 404 4775 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
189.90.59.146 - - [18/Feb/2024:19:49:09 +0200] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
... show less
Web App Attack