mashamal
2024-12-19 07:45:33
(1 month ago)
Vulnerability Probe
...
Web App Attack
TPI-Abuse
2024-12-19 07:12:36
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:3d55::4b7 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:3d55::4b7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 19 02:12:31.639451 2024] [security2:error] [pid 17124:tid 17124] [client 2a01:4f8:231:3d55::4b7:12170] [client 2a01:4f8:231:3d55::4b7] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||shhcenter.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "shhcenter.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z2PHX7NEPZMFpmCK4vaMUwAAAAM"], referer: http://shamanichearthealingcenter.org///wp-json/wp/v2/users/ show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-19 06:15:29
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:3d55::4b7 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:3d55::4b7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 19 01:15:24.526467 2024] [security2:error] [pid 15352:tid 15352] [client 2a01:4f8:231:3d55::4b7:41336] [client 2a01:4f8:231:3d55::4b7] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rambleandprose.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rambleandprose.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z2O5_M2843lujvYJooEk7QAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-19 05:12:09
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:3d55::4b7 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:3d55::4b7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 19 00:12:02.175701 2024] [security2:error] [pid 17039:tid 17039] [client 2a01:4f8:231:3d55::4b7:34872] [client 2a01:4f8:231:3d55::4b7] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.cubbylure.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cubbylure.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z2OrIldcc45EHe-xGvPAeAAAAAI"], referer: http://cubbyjig.com///wp-json/wp/v2/users/ show less
Brute-Force
Bad Web Bot
Web App Attack
Max la Menace
2024-12-18 12:50:26
(1 month ago)
Wordpress Attack (P)
Web App Attack
QT
2024-12-18 11:51:02
(1 month ago)
Unauthorised WordPress admin login attempted at 2024-12-18 21:50:56 +1000
Web App Attack
LRob.fr
2024-12-18 05:15:12
(1 month ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
TPI-Abuse
2024-12-16 16:44:51
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:3d55::4b7 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:3d55::4b7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 16 11:44:48.526307 2024] [security2:error] [pid 1498983:tid 1498983] [client 2a01:4f8:231:3d55::4b7:9228] [client 2a01:4f8:231:3d55::4b7] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||internetgamblingsites.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "internetgamblingsites.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z2BZAGoV8rf3hQoXGYWwEwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-16 16:21:27
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:3d55::4b7 (Unknown): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 2a01:4f8:231:3d55::4b7 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 16 11:21:19.757238 2024] [security2:error] [pid 14381:tid 14381] [client 2a01:4f8:231:3d55::4b7:26092] [client 2a01:4f8:231:3d55::4b7] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||celebritybikinigossip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "celebritybikinigossip.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z2BTf3XIbEKGGkPH3HHGYQAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
ph
2024-12-16 14:20:27
(1 month ago)
Bad web bot attempting to run wp-login.php on non-WP site
Hacking
Bad Web Bot
Web App Attack
Ba-Yu
2024-12-16 11:55:26
(1 month ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
Anonymous
2024-12-16 11:40:18
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
jasperedv.de
2024-12-16 11:25:03
(1 month ago)
Apache Login - Brutforcing
Brute-Force
Web App Attack
cmbplf
2024-12-15 08:23:15
(1 month ago)
5.265 POST requests to */wp-login.php
Brute-Force
Bad Web Bot
Mendip_Defender
2024-12-15 06:54:58
(1 month ago)
2a01:4f8:231:3d55::4b7 - - [15/Dec/2024:06:37:52 +0000] "POST /wp-login.php HTTP/1.0" 200 3790 "-" " ... show more 2a01:4f8:231:3d55::4b7 - - [15/Dec/2024:06:37:52 +0000] "POST /wp-login.php HTTP/1.0" 200 3790 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0"
2a01:4f8:231:3d55::4b7 - - [15/Dec/2024:06:55:06 +0000] "POST /wp-login.php HTTP/1.0" 200 3790 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:89.0) Gecko/20100101 Firefox/89.0"
... show less
Brute-Force