Swiptly
2024-07-16 10:40:00
(2 months ago)
WordPress brute force login or enumeration
...
Web Spam
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-16 10:18:36
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 16 06:18:30.981209 2024] [security2:error] [pid 30638] [client 65.108.80.43:43580] [client 65.108.80.43] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||joevallone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "joevallone.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZpZI9ozpXPu5il_RjKZGmAAAAA8"]
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-07-16 10:06:50
(2 months ago)
VM1 Bad user agents ignoring web crawling rules. Draining bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-07-16 09:38:46
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 16 05:38:40.333674 2024] [security2:error] [pid 29043] [client 65.108.80.43:52194] [client 65.108.80.43] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||empoweruohio.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "empoweruohio.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ZpY_oIrCk66mrSG02uxxvQAAAAY"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-16 09:04:46
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 16 05:04:39.940675 2024] [security2:error] [pid 693729:tid 693729] [client 65.108.80.43:42434] [client 65.108.80.43] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jazziientertainment.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jazziientertainment.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZpY3p3zhFetu0ydG6JTUugAAAAk"], referer: http://jazziientertainment.com/wp-login.php
Brute-Force
Bad Web Bot
Web App Attack
10dencehispahard SL
2024-07-16 09:02:16
(2 months ago)
Unauthorized login attempts [ wordpress]
Brute-Force
Web App Attack
RLDD
2024-07-16 08:54:15
(2 months ago)
WP probing for vulnerabilities -mob
Web App Attack
TPI-Abuse
2024-07-16 08:25:25
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 16 04:25:19.713944 2024] [security2:error] [pid 27674] [client 65.108.80.43:52420] [client 65.108.80.43] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||velvetculture.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "velvetculture.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZpYub4S3m-bUPyiOHx-bagAAAAg"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-16 08:04:12
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 16 04:04:08.913285 2024] [security2:error] [pid 7937] [client 65.108.80.43:44340] [client 65.108.80.43] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.hoodiemaster.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.hoodiemaster.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZpYpeC-eLcAJzmaJRi7dlgAAAAo"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-16 07:43:25
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 65.108.80.43 (static.43.80.108.65.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 16 03:43:17.225282 2024] [security2:error] [pid 13696:tid 13696] [client 65.108.80.43:43612] [client 65.108.80.43] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||feestweek.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "feestweek.info"] [uri "/wp-json/wp/v2/users"] [unique_id "ZpYklY85gwTL7WpzYpo23gAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2022-05-29 13:04:06
(2 years ago)
20 attempts against mh-ssh on sky
Brute-Force
SSH
3mod.eu
2022-05-29 12:22:52
(2 years ago)
May 29 18:20:38 ts sshd[22511]: Invalid user postfix from 65.108.80.43 port 42244
May 29 18:20:38 ts sshd[22511]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=65.108.80.43
May 29 18:20:38 ts sshd[22511]: Invalid user postfix from 65.108.80.43 port 42244
May 29 18:20:39 ts sshd[22511]: Failed password for invalid user postfix from 65.108.80.43 port 42244 ssh2
May 29 18:22:48 ts sshd[22843]: Invalid user test from 65.108.80.43 port 46110
...
Brute-Force
SSH