WebWizards.NZ
2024-03-01 23:26:42
(10 months ago)
Trolling for resource vulnerabilities
Web App Attack
tecnicorioja
2024-03-01 23:02:04
(10 months ago)
POST /xmlrpc.php [01/Mar/2024:04:54:44
Brute-Force
Web App Attack
TPI-Abuse
2024-03-01 22:49:33
(10 months ago)
(mod_security) mod_security (id:225170) triggered by 47.115.225.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 47.115.225.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 01 17:49:27.897080 2024] [security2:error] [pid 3825] [client 47.115.225.21:47598] [client 47.115.225.21] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||davidquiroa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "davidquiroa.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZeJbdx5AceTQrvp7RnxKoQAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-03-01 22:07:35
(10 months ago)
(mod_security) mod_security (id:225170) triggered by 47.115.225.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 47.115.225.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 01 17:07:31.994682 2024] [security2:error] [pid 25900] [client 47.115.225.21:59318] [client 47.115.225.21] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||2theacademy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "2theacademy.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZeJRo6SSW88QMSlezLuJuwAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-03-01 21:03:01
(10 months ago)
(mod_security) mod_security (id:225170) triggered by 47.115.225.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 47.115.225.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 01 16:02:54.820329 2024] [security2:error] [pid 28220] [client 47.115.225.21:42772] [client 47.115.225.21] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.paulschuster.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.paulschuster.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZeJCftgVPXV8QZyy0mhOowAAABw"] show less
Brute-Force
Bad Web Bot
Web App Attack
Hirte
2024-03-01 21:02:32
(10 months ago)
MYH: Web Attack GET /wp-login.php
Web Spam
Hacking
Bad Web Bot
Web App Attack
10dencehispahard SL
2024-03-01 21:00:43
(10 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
TPI-Abuse
2024-03-01 20:34:05
(10 months ago)
(mod_security) mod_security (id:225170) triggered by 47.115.225.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 47.115.225.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 01 15:33:58.641576 2024] [security2:error] [pid 23032:tid 47266205312768] [client 47.115.225.21:51768] [client 47.115.225.21] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||chaoticperception.cynosureinternetservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "chaoticperception.cynosureinternetservices.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZeI7tkSE_-vxdSdzGJM17gAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
zynex
2024-03-01 20:26:03
(10 months ago)
URL Probing: /wp-login.php
Web App Attack
rsiddall
2024-03-01 12:33:52
(10 months ago)
47.115.225.21 - - [01/Mar/2024:07:28:54 -0500] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 ... show more 47.115.225.21 - - [01/Mar/2024:07:28:54 -0500] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/95.0"
47.115.225.21 - - [01/Mar/2024:07:33:51 -0500] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/95.0"
... show less
Brute-Force
Ba-Yu
2024-03-01 11:31:50
(10 months ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
Cloudkul Cloudkul
2024-03-01 11:25:04
(10 months ago)
Multiple unauthorized attempts to access web resources
Brute-Force
Web App Attack
mawan
2024-03-01 11:21:59
(10 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
jasperedv.de
2024-03-01 08:53:13
(10 months ago)
Apache Login - Brutforcing
Brute-Force
Web App Attack
neo72
2024-03-01 06:29:35
(10 months ago)
Spam
Email Spam