TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 200.61.40.188 (lan-40-188.static.techtelnet.net ... show more(mod_security) mod_security (id:225170) triggered by 200.61.40.188 (lan-40-188.static.techtelnet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 26 11:52:14.099293 2024] [security2:error] [pid 21218:tid 21218] [client 200.61.40.188:51074] [client 200.61.40.188] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.midway-island.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.midway-island.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZvWDLlU-Cvy7g9QsQzqiPgAAAA4"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
mxbl
|
|
Scanning for CMS vulnerabilities on a non-CMS system: /wp-login.php
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 200.61.40.188 (lan-40-188.static.techtelnet.net ... show more(mod_security) mod_security (id:225170) triggered by 200.61.40.188 (lan-40-188.static.techtelnet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 23 11:45:16.962875 2024] [security2:error] [pid 24869:tid 24869] [client 200.61.40.188:22629] [client 200.61.40.188] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nwtree.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nwtree.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZvGNDOTkjLBh1rTuo0UJvQAAABw"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
TheMadBeaker
|
|
Fail2Ban Ban Triggered
Wordpress Attack Attempt
|
Brute-Force
Web App Attack
|
|
Anonymous
|
|
Brute forcing Wordpress login
|
Hacking
Web App Attack
|
|
axllent
|
|
Wordpress login scanning
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 200.61.40.188 (lan-40-188.static.techtelnet.net ... show more(mod_security) mod_security (id:225170) triggered by 200.61.40.188 (lan-40-188.static.techtelnet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 18:05:29.668506 2024] [security2:error] [pid 30708:tid 30733] [client 200.61.40.188:51969] [client 200.61.40.188] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||woofnrose.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "woofnrose.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zsz8KYZ4Y137r-dF3JtRrAAAANc"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
findlab
|
|
Backdrop CMS module - malicious activity detected
|
Bad Web Bot
Web App Attack
|
|
Steve
|
|
Attempts against non-existent wordpress site
|
Brute-Force
Web App Attack
|
|
Anonymous
|
|
Malicious activity detected
|
Hacking
Web App Attack
|
|
rdpguard.com
|
|
RdpGuard detected brute-force attempt on HTTP
|
Brute-Force
|
|