Jaime
2024-07-18 13:28:01
(1 month ago)
65.108.80.43 - Access forbidden ... /wp-login.php
Brute-Force
ipoac.nl
2024-07-18 09:53:33
(1 month ago)
2024-07-18T11:53:33.276216+02:00 ipoac.nl wordpress(***)[1109134]: Authentication failure for***from ... show more 2024-07-18T11:53:33.276216+02:00 ipoac.nl wordpress(***)[1109134]: Authentication failure for***from 65.108.80.43 show less
Web App Attack
HoneyPotEU02
2024-07-18 08:50:10
(1 month ago)
wordpress-trap
Web App Attack
MAGIC
2024-07-18 07:05:59
(1 month ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
nationaleventpros.com
2024-07-18 04:12:59
(1 month ago)
WordPress login attempt
Brute-Force
Anonymous
2024-07-18 02:11:47
(1 month ago)
xmlrpc attack blocked attempt from fail2ban
...
Web App Attack
TPI-Abuse
2024-07-18 01:35:21
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your- ... show more (mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 17 21:35:18.085909 2024] [security2:error] [pid 25930] [client 65.108.80.43:37908] [client 65.108.80.43] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nessmonsters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nessmonsters.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZphxVvnvVaeOAACV_S7eMAAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
weblite
2024-07-17 19:37:54
(1 month ago)
WP_LOGIN_FAIL
Brute-Force
Web App Attack
teskedsgumman.se
2024-07-17 18:06:00
(1 month ago)
7 Atempts to log in.
Bad Web Bot
TPI-Abuse
2024-07-17 14:39:18
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your- ... show more (mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 17 10:39:12.978130 2024] [security2:error] [pid 358:tid 419] [client 65.108.80.43:38664] [client 65.108.80.43] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||atlasrecordssearch.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "atlasrecordssearch.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZpfXkBIPFjKDZi3PA4cxBQAAAE8"], referer: http://atlasrecordssearch.com/wp-login.php show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-17 12:42:41
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your- ... show more (mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 17 08:42:36.102853 2024] [security2:error] [pid 2990:tid 2990] [client 65.108.80.43:51266] [client 65.108.80.43] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||iconconstructors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "iconconstructors.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zpe8PCguM-rN5NF0WX4cCgAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
KIsmay
2024-07-17 11:44:35
(1 month ago)
WordPress Brute Force
Brute-Force
Web App Attack
TPI-Abuse
2024-07-17 10:08:59
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your- ... show more (mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 17 06:08:55.058645 2024] [security2:error] [pid 17320:tid 17320] [client 65.108.80.43:37680] [client 65.108.80.43] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||inverzona.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "inverzona.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZpeYNxHx9hq2ytOhcnbxhwAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
HoneyPotEU02
2024-07-17 10:03:30
(1 month ago)
wordpress-trap
Web App Attack
plzenskypruvodce.cz
2024-07-17 10:00:36
(1 month ago)
2024-07-17T12:00:31.919384+02:00 web wordpress(varhanykolin.cz)[1068657]: Immediately block connecti ... show more 2024-07-17T12:00:31.919384+02:00 web wordpress(varhanykolin.cz)[1068657]: Immediately block connections from 65.108.80.43
... show less
Brute-Force