Locke
2024-11-27 09:27:00
(1 week ago)
Wordpress hacking attempt
Hacking
Web App Attack
TPI-Abuse
2024-11-26 13:42:22
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 08:42:15.888815 2024] [security2:error] [pid 415299:tid 415299] [client 104.207.60.228:32313] [client 104.207.60.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aldonchem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aldonchem.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0XQN0vFXROoneEhulFvrgAAAAg"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-26 12:44:12
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 07:44:08.526506 2024] [security2:error] [pid 23761:tid 23761] [client 104.207.60.228:50049] [client 104.207.60.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sieder.com.ar|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sieder.com.ar"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0XCmGzuuOrIiiCEDNFq2wAAAAE"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack
Bedios GmbH
2024-11-25 16:52:17
(1 week ago)
Wordpress hacking attempt
Web App Attack
TPI-Abuse
2024-11-19 04:00:55
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 18 23:00:49.887511 2024] [security2:error] [pid 18863:tid 18863] [client 104.207.60.228:31605] [client 104.207.60.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gulftelecom.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gulftelecom.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZzwNcX2kZncy-0ZWdB_7fAAAAAU"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-18 19:28:10
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 18 14:28:03.690429 2024] [security2:error] [pid 25277:tid 25277] [client 104.207.60.228:33345] [client 104.207.60.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||herrell.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "herrell.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ZzuVQzEGJltCocjccbserQAAAAc"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-17 08:58:14
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 17 03:58:09.203230 2024] [security2:error] [pid 25653:tid 25653] [client 104.207.60.228:29863] [client 104.207.60.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mahtani.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mahtani.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ZzmwIfFpvJQI48tOWkqcuQAAAAU"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-17 07:36:19
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 17 02:36:13.958209 2024] [security2:error] [pid 1685390:tid 1685390] [client 104.207.60.228:16795] [client 104.207.60.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rietzke.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rietzke.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Zzmc7SFPuHxnfJFpW_12sgAAAAI"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack
Xuan Can
2024-11-15 15:34:52
(3 weeks ago)
(mod_security) mod_security (id:6) triggered by 104.207.60.228 (US/United States/-): 1 in the last 3 ... show more (mod_security) mod_security (id:6) triggered by 104.207.60.228 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 15 22:34:46.092870 2024] [security2:error] [pid 12103:tid 12206] [client 104.207.60.228:26779] [client 104.207.60.228] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "62"] [id "6"] [severity "CRITICAL"] [hostname "sieuthimaychu.vn"] [uri "/wp-login.php"] [unique_id "ZzdqFo6iwnhNRHRhLAS-ZQAAAVI"], referer: https://www.google.com show less
Brute-Force
SSH
TPI-Abuse
2024-11-11 22:51:55
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 17:51:51.900695 2024] [security2:error] [pid 21463:tid 21463] [client 104.207.60.228:13609] [client 104.207.60.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dietzengineers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dietzengineers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZzKKh9JI3udAzH9NDGH7kQAAAAQ"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-08 11:59:57
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.207.60.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 08 06:59:53.788386 2024] [security2:error] [pid 23943:tid 23943] [client 104.207.60.228:54533] [client 104.207.60.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||robertet.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "robertet.co"] [uri "/wp-json/wp/v2/users"] [unique_id "Zy39OYkEqzJlLwodR7oL7AAAAAs"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-07-08 06:20:56
(4 months ago)
Brute-Force
Anonymous
2024-06-22 17:30:46
(5 months ago)
VPN Authentication Brute Force
Brute-Force
Brute-Force
Anonymous
2024-06-21 06:20:29
(5 months ago)
VPN Authentication Brute Force postmaster
Brute-Force
Brute-Force
MrDD
2024-06-11 16:02:25
(5 months ago)
"Attempted brute force attack on Cisco VPN"
Brute-Force