cmbplf
|
|
1.006 POST requests to */wp-login.php
|
Brute-Force
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 89.22.238.191 (exotic-plate.aeza.network): 1 in ... show more(mod_security) mod_security (id:225170) triggered by 89.22.238.191 (exotic-plate.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 07 05:37:03.119863 2024] [security2:error] [pid 7913:tid 7913] [client 89.22.238.191:56636] [client 89.22.238.191] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||phlippo.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "phlippo.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZyyYT7MQ9vJOrplb89pucAAAAAA"], referer: https://www.google.com show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
selahattinalan
|
|
89.22.238.191 - - [07/Nov/2024:13:20:16 +0300] "POST /xmlrpc.php HTTP/1.1" 200 3836 "-" "Apache-Http ... show more89.22.238.191 - - [07/Nov/2024:13:20:16 +0300] "POST /xmlrpc.php HTTP/1.1" 200 3836 "-" "Apache-HttpClient/4.5.13 (Java/11.0.24)" show less
|
Brute-Force
|
|
noise.agency
|
|
(wordpress) Failed wordpress login from 89.22.238.191 (SE/Sweden/exotic-plate.aeza.network)
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 89.22.238.191 (exotic-plate.aeza.network): 1 in ... show more(mod_security) mod_security (id:225170) triggered by 89.22.238.191 (exotic-plate.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 07 05:12:31.876893 2024] [security2:error] [pid 27617:tid 27617] [client 89.22.238.191:38514] [client 89.22.238.191] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||persnicketyinc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "persnicketyinc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZyySj03rPkj83xsBX3ZR1QAAAAk"], referer: https://www.google.com show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
FeG Deutschland
|
|
Looking for CMS/PHP/SQL vulnerablilities - 135
|
Exploited Host
Web App Attack
|
|
mawan
|
|
Suspected of having performed illicit activity on LAX server.
|
Web App Attack
|
|
Ba-Yu
|
|
WP-xmlrpc exploit
|
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
|
|
Anonymous
|
|
apache-wordpress-login
|
Brute-Force
Web App Attack
|
|
Jean Valjean
|
|
Fail2ban Caboom : wp-login.php Bruteforce
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 89.22.238.191 (exotic-plate.aeza.network): 1 in ... show more(mod_security) mod_security (id:225170) triggered by 89.22.238.191 (exotic-plate.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 07 04:28:14.351311 2024] [security2:error] [pid 9826:tid 9826] [client 89.22.238.191:57280] [client 89.22.238.191] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||flutepraise.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "flutepraise.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZyyILjvz98uxWw0Wr8opjgAAAAw"], referer: https://www.google.com show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|