|
π¦πΊ
MAGIC
|
|
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
|
π²πΉ
Malta
|
|
89.117.57.170 - - [30/Jun/2026:23:08:30 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linu ...
show more
89.117.57.170 - - [30/Jun/2026:23:08:30 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
|
Hacking
Web App Attack
Brute-Force
|
|
|
π©πͺ
neckaralb-admin.de
|
|
(wordpress) Failed login wp-login.php or xmlrpc.php
|
Web App Attack
|
|
|
π©πͺ
ger-stg-sifi1
|
|
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
|
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 89.117.57.170 (web121.fastservers.africa): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 89.117.57.170 (web121.fastservers.africa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:11:42.309302 2026] [security2:error] [pid 29865:tid 29955] [client 89.117.57.170:51962] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||artmarialeon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "artmarialeon.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akIMng4vitW4uHTYIULPWQAAAdg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 89.117.57.170 (web121.fastservers.africa): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 89.117.57.170 (web121.fastservers.africa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 21:48:46.969710 2026] [security2:error] [pid 22637:tid 22706] [client 89.117.57.170:32896] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||planmytrust.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "planmytrust.com"] [uri "/wp-json/wp/v2/users/5"] [unique_id "akHO_l1uMmoeanDWoS7IHwAAAIQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 89.117.57.170 (web121.fastservers.africa): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 89.117.57.170 (web121.fastservers.africa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:28:10.744350 2026] [security2:error] [pid 30829:tid 30829] [client 89.117.57.170:50192] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||humbliaslaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "humbliaslaw.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akG8GgebzIf3jIXQlqFJ9QAAAAc"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
π²π½
octageeks.com
|
|
Wordpress malicious attack:[octaflood]
|
Web App Attack
|
|
|
π·π΄
SpamStopper
|
|
Automated mitigation by Fail2Ban firewall due to persistent security policy violations.
|
Port Scan
Brute-Force
Web App Attack
|
|
|
π²π½
octageeks.com
|
|
Wordpress malicious attack:[octawp]
|
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 89.117.57.170 (web121.fastservers.africa): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 89.117.57.170 (web121.fastservers.africa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:40:37.036726 2026] [security2:error] [pid 15618:tid 15618] [client 89.117.57.170:38178] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wild-goose.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wild-goose.net"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiYBdavt-zLM6e0LwUZfOgAAAAg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
π²πΉ
Malta
|
|
89.117.57.170 - - [06/Jun/2026:18:38:30 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ...
show more
89.117.57.170 - - [06/Jun/2026:18:38:30 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15"
Brute-force password attempt
show less
|
Hacking
Web App Attack
Brute-Force
|
|
|
πΊπΈ
freeutka
|
|
WordPress brute-force login attempt on wp-login.php.
|
Brute-Force
Web App Attack
|
|
|
π©πͺ
LRob
|
|
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
|
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
WordPress Brute Force
|
Brute-Force
|
|