vestibtech
2024-10-23 06:16:49
(1 month ago)
2001:67c:2070:c928::1 - - [23/Oct/2024:00:16:49 -0600] "GET /wp-login.php HTTP/1.1" 301 466 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/95.0"
Web App Attack
Max la Menace
2024-10-22 07:07:00
(1 month ago)
Wordpress attack (F)
Blog Spam
Web App Attack
TPI-Abuse
2024-10-20 15:41:35
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2001:67c:2070:c928::1 (web820.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 20 11:41:28.712388 2024] [security2:error] [pid 17585:tid 17658] [client 2001:67c:2070:c928::1:45416] [client 2001:67c:2070:c928::1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||arizonasolutionsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arizonasolutionsgroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZxUkqG7SGduSQE-kRYoL8AAAAAI"]
Brute-Force
Bad Web Bot
Web App Attack
dtorrer
2024-10-20 08:56:13
(1 month ago)
Dictionary attack on login resource.
Brute-Force
Axel
2024-10-20 07:58:37
(1 month ago)
Attempted access to sensitive WordPress file: xmlrpc.php.
Brute-Force
Web App Attack
SSH
Max la Menace
2024-10-20 07:06:41
(1 month ago)
Wordpress attack (F)
Blog Spam
Web App Attack
Hazzard
2024-10-20 06:03:58
(1 month ago)
(wordpress) Failed wordpress login from 2001:67c:2070:c928::1 (UA/Ukraine/Kyiv City/Kyiv/-/[redacted]): (CF_ENABLE)
Brute-Force
weblite
2024-10-19 23:05:43
(1 month ago)
WP_LOGIN_FAIL
Brute-Force
Web App Attack
TPI-Abuse
2024-10-19 03:25:37
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2001:67c:2070:c928::1 (web820.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 18 23:25:32.315409 2024] [security2:error] [pid 28227:tid 28227] [client 2001:67c:2070:c928::1:9400] [client 2001:67c:2070:c928::1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nextstepspersonalfinance.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nextstepspersonalfinance.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZxMmrD1WrRpGtSIBOWWaMQAAAA8"]
Brute-Force
Bad Web Bot
Web App Attack
Max la Menace
2024-10-18 08:43:36
(1 month ago)
Wordpress attack (F)
Blog Spam
Web App Attack
SCHAPPY
2024-10-18 08:22:52
(1 month ago)
Wordpress attack using blacklisted username detected.
Web App Attack
Mendip_Defender
2024-10-18 08:13:52
(1 month ago)
2001:67c:2070:c928::1 - - [18/Oct/2024:07:40:56 +0100] "POST /wp-login.php HTTP/1.0" 200 4264 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/95.0"
2001:67c:2070:c928::1 - - [18/Oct/2024:09:13:51 +0100] "POST /wp-login.php HTTP/1.0" 200 3598 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/95.0"
Brute-Force
TPI-Abuse
2024-10-17 18:54:48
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2001:67c:2070:c928::1 (web820.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 17 14:54:42.983426 2024] [security2:error] [pid 30332:tid 30332] [client 2001:67c:2070:c928::1:61160] [client 2001:67c:2070:c928::1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||oruhu.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "oruhu.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZxFdcmmPYODT6ssNgzDNhQAAAAg"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-17 18:09:51
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2001:67c:2070:c928::1 (web820.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 17 14:09:45.637967 2024] [security2:error] [pid 18827:tid 18827] [client 2001:67c:2070:c928::1:49780] [client 2001:67c:2070:c928::1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dixiegeek.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZxFS6UiqkRU_mK7gMvSd7AAAAAE"]
Brute-Force
Bad Web Bot
Web App Attack
Hirte
2024-10-17 17:29:55
(1 month ago)
MYH: Web Attack GET /wp-login.php
Web Spam
Hacking
Bad Web Bot
Web App Attack