MAGIC
2025-01-29 20:02:19
(1 week ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
maxxsense
2025-01-25 15:31:34
(2 weeks ago)
(wordpress) Failed wordpress login from 2a03:6f00:1::5c35:6079 (RU/Russia/vh64.timeweb.ru)
Brute-Force
Swiptly
2025-01-24 20:18:35
(2 weeks ago)
WordPress xmlrpc spam or enumeration
...
Web Spam
Bad Web Bot
Web App Attack
Ba-Yu
2025-01-23 17:27:34
(2 weeks ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
SCHAPPY
2025-01-21 12:40:05
(3 weeks ago)
Attack to wordpress xmlrpc
Web App Attack
TPI-Abuse
2025-01-17 19:13:10
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 17 14:13:04.485164 2025] [security2:error] [pid 728:tid 743] [client 2a03:6f00:1::5c35:6079:44916] [client 2a03:6f00:1::5c35:6079] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||okorganicgardening.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "okorganicgardening.org"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4qrwEQRRn0gAYpo8SSJ0AAAAIw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-17 12:27:06
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 17 07:26:58.185701 2025] [security2:error] [pid 2867552:tid 2867552] [client 2a03:6f00:1::5c35:6079:42774] [client 2a03:6f00:1::5c35:6079] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bfpsamoa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bfpsamoa.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4pMkvg_JEP1STSJxYFfDAAAAB0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-17 11:56:14
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 17 06:56:09.837453 2025] [security2:error] [pid 26078:tid 26078] [client 2a03:6f00:1::5c35:6079:49160] [client 2a03:6f00:1::5c35:6079] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||zabdisrl.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "zabdisrl.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4pFWaPr6bcNchsrqLbMFwAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-17 11:15:36
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 17 06:15:32.955203 2025] [security2:error] [pid 20527:tid 20527] [client 2a03:6f00:1::5c35:6079:43644] [client 2a03:6f00:1::5c35:6079] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.jbernsteinpc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.jbernsteinpc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4o71LW1_u8LfmH0a8iUwQAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
ger-stg-sifi1
2025-01-15 23:48:32
(3 weeks ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
TPI-Abuse
2024-11-26 03:02:15
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 22:02:10.423160 2024] [security2:error] [pid 13223:tid 13223] [client 2a03:6f00:1::5c35:6079:48688] [client 2a03:6f00:1::5c35:6079] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||clcmillvale.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "clcmillvale.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0U6Mk2tsFcdHqRlwHyTxgAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
on-com
2024-11-26 00:55:55
(2 months ago)
URL scan
Brute-Force
Web App Attack
TPI-Abuse
2024-11-25 14:11:49
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 09:11:44.256897 2024] [security2:error] [pid 30096:tid 30096] [client 2a03:6f00:1::5c35:6079:60340] [client 2a03:6f00:1::5c35:6079] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||38floorsupply.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "38floorsupply.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0SFoB1j1FfLPS2njenr5QAAABU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-25 13:55:12
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 08:55:06.850226 2024] [security2:error] [pid 27810:tid 27810] [client 2a03:6f00:1::5c35:6079:59142] [client 2a03:6f00:1::5c35:6079] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||staben.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "staben.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0SBupWXaSFRef2fAPAFQwAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-25 13:15:24
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 2a03:6f00:1::5c35:6079 (vh64.timeweb.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 08:15:21.483484 2024] [security2:error] [pid 3699602:tid 3699602] [client 2a03:6f00:1::5c35:6079:34322] [client 2a03:6f00:1::5c35:6079] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||circulodesonido.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "circulodesonido.org"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0R4acuA_0GOsP4HxwureAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack