MAGIC
2024-12-11 21:03:01
(23 hours ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-12-05 20:43:21
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:6:a014::627:cb3f (numbera.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:6:a014::627:cb3f (numbera.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 15:43:14.677869 2024] [security2:error] [pid 9572:tid 9572] [client 2607:f298:6:a014::627:cb3f:33484] [client 2607:f298:6:a014::627:cb3f] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ftiptondds.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ftiptondds.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1IQYt6RCU67Uqy4qOqvNAAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
spyra.rocks
2024-12-05 19:56:07
(1 week ago)
WordPress
Web App Attack
TPI-Abuse
2024-12-05 18:01:14
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:6:a014::627:cb3f (numbera.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:6:a014::627:cb3f (numbera.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 13:01:10.739267 2024] [security2:error] [pid 1308103:tid 1308103] [client 2607:f298:6:a014::627:cb3f:57412] [client 2607:f298:6:a014::627:cb3f] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||crafft.cloudex.link|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "crafft.cloudex.link"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1HqZs5Jumu-4w7Hab7hXAAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
ger-stg-sifi1
2024-12-01 22:08:08
(1 week ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
spyra.rocks
2024-12-01 14:55:07
(1 week ago)
WordPress
Web App Attack
spyra.rocks
2024-11-29 12:55:11
(1 week ago)
WordPress
Web App Attack
spyra.rocks
2024-11-28 05:10:25
(2 weeks ago)
WordPress
Web App Attack
TPI-Abuse
2024-11-25 23:13:50
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:6:a014::627:cb3f (numbera.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:6:a014::627:cb3f (numbera.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 18:13:45.977524 2024] [security2:error] [pid 3170438:tid 3170438] [client 2607:f298:6:a014::627:cb3f:41406] [client 2607:f298:6:a014::627:cb3f] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.peterjohnsonauthor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.peterjohnsonauthor.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0UEqTnxCZH-Q6p_bTAXiAAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-25 15:42:08
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:6:a014::627:cb3f (numbera.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:6:a014::627:cb3f (numbera.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 10:42:02.830888 2024] [security2:error] [pid 598605:tid 598605] [client 2607:f298:6:a014::627:cb3f:53570] [client 2607:f298:6:a014::627:cb3f] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nagareinkpaper.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nagareinkpaper.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0SaygJxLjJjMbMPYHa4dAAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
spyra.rocks
2024-11-24 01:55:13
(2 weeks ago)
WordPress
Web App Attack
spyra.rocks
2024-11-21 22:55:14
(2 weeks ago)
WordPress
Web App Attack
spyra.rocks
2024-11-19 13:10:35
(3 weeks ago)
WordPress
Web App Attack
spyra.rocks
2024-11-15 22:55:16
(3 weeks ago)
WordPress
Web App Attack
corthorn
2024-11-11 03:42:50
(1 month ago)
2607:f298:6:a014::627:cb3f - - [11/Nov/2024:04:42:48 +0100] "POST /xmlrpc.php HTTP/1.1" 200 4217 "-" ... show more 2607:f298:6:a014::627:cb3f - - [11/Nov/2024:04:42:48 +0100] "POST /xmlrpc.php HTTP/1.1" 200 4217 "-" "Mozilla/5.0 (Windows NT 5.1; rv:52.0) Gecko/20100101 Firefox/52.0"
... show less
Brute-Force