spyra.rocks
2025-01-03 16:02:14
(2 weeks ago)
WordPress
Web App Attack
spyra.rocks
2025-01-01 12:02:16
(3 weeks ago)
WordPress
Web App Attack
spyra.rocks
2024-12-31 08:02:09
(3 weeks ago)
WordPress
Web App Attack
spyra.rocks
2024-12-29 05:02:11
(3 weeks ago)
WordPress
Web App Attack
ger-stg-sifi1
2024-12-04 18:49:55
(1 month ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2024-12-04 18:49:41
(1 month ago)
apache-wordpress-login
Brute-Force
Web App Attack
TPI-Abuse
2024-12-04 18:45:05
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 62.60.228.9 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 62.60.228.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 13:45:00.051707 2024] [security2:error] [pid 28310:tid 28310] [client 62.60.228.9:43856] [client 62.60.228.9] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||method-one.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "method-one.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1CjLOlfqVg-faem6dWeqQAAADI"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack
LRob.fr
2024-12-04 18:30:09
(1 month ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
maxxsense
2024-12-04 18:19:26
(1 month ago)
(wordpress) Failed wordpress login from 62.60.228.9 (IR/Iran/-)
Brute-Force
TPI-Abuse
2024-12-04 18:12:34
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 62.60.228.9 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 62.60.228.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 13:12:31.009645 2024] [security2:error] [pid 2516202:tid 2516202] [client 62.60.228.9:32828] [client 62.60.228.9] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||persnicketyinc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "persnicketyinc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1CbjzYxRqFuzvoyIRcM3gAAAAA"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-04 18:10:07
(1 month ago)
(WPLOGIN) WP Login Attack 62.60.228.9 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: *; Dir ... show more (WPLOGIN) WP Login Attack 62.60.228.9 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: 1 show less
Brute-Force
SSH
bsoft.de
2024-12-04 18:08:53
(1 month ago)
62.60.228.9 - - [04/Dec/2024:19:08:49 +0100] "GET /wp-json/wp/v2/users HTTP/1.1" 404 144 "https://ww ... show more 62.60.228.9 - - [04/Dec/2024:19:08:49 +0100] "GET /wp-json/wp/v2/users HTTP/1.1" 404 144 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
62.60.228.9 - - [04/Dec/2024:19:08:52 +0100] "POST /xmlrpc.php HTTP/1.1" 200 181 "-" "Apache-HttpClient/4.5.13 (Java/11.0.25)"
62.60.228.9 - - [04/Dec/2024:19:08:52 +0100] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Apache-HttpClient/4.5.13 (Java/11.0.25)" show less
Web App Attack
FeG Deutschland
2024-12-04 17:57:47
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities - 135
Exploited Host
Web App Attack
Anonymous
2024-12-04 17:57:22
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-12-04 17:56:56
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 62.60.228.9 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 62.60.228.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 12:56:53.463417 2024] [security2:error] [pid 2986223:tid 2986223] [client 62.60.228.9:45462] [client 62.60.228.9] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||passy.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "passy.us"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1CX5TknuDvj7t4cJ49_qAAAAAA"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack