rtbh.com.tr
2024-12-07 20:52:50
(1 month ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
Swiptly
2024-12-07 12:50:43
(1 month ago)
WordPress xmlrpc spam or enumeration
...
Web Spam
Bad Web Bot
Web App Attack
rtbh.com.tr
2024-12-06 20:52:58
(1 month ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
TPI-Abuse
2024-12-05 17:50:22
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 12:50:17.297842 2024] [security2:error] [pid 1410:tid 1410] [client 104.238.220.123:46334] [client 104.238.220.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||samemahama2024.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "samemahama2024.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1Hn2dSjA1Hyb26oJxCsQgAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 17:04:02
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 12:03:55.405461 2024] [security2:error] [pid 7533:tid 7533] [client 104.238.220.123:47558] [client 104.238.220.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.cosplayculture.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cosplayculture.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1Hc-4ON-oTmdZjAkofSwAAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 16:22:55
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 11:22:47.041110 2024] [security2:error] [pid 3535128:tid 3535128] [client 104.238.220.123:60476] [client 104.238.220.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.geriterry.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.geriterry.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1HTV96AggeRkS4YJZdWCwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
stinpriza
2024-12-05 15:54:40
(1 month ago)
WP Authentication attempt for unknown user
Brute-Force
Web App Attack
TPI-Abuse
2024-12-05 15:39:35
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 10:39:29.096992 2024] [security2:error] [pid 3878258:tid 3878258] [client 104.238.220.123:46620] [client 104.238.220.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wp.sonnyvo.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wp.sonnyvo.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1HJMcqah8OmOPJ9kUEKFgAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 15:19:30
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 10:19:22.938317 2024] [security2:error] [pid 3382521:tid 3382521] [client 104.238.220.123:39446] [client 104.238.220.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||michaelpmcgrath.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "michaelpmcgrath.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1HEevJTLA07M4keNt4y5QAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 14:19:00
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 09:18:56.694073 2024] [security2:error] [pid 7606:tid 7606] [client 104.238.220.123:38578] [client 104.238.220.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||app.pigspolygon.xyz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "app.pigspolygon.xyz"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1G2UAuv3zfSwe1Vg7C8bQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 13:41:42
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 08:41:36.140116 2024] [security2:error] [pid 4297:tid 4297] [client 104.238.220.123:42584] [client 104.238.220.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.williams-rodriguez.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.williams-rodriguez.org"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1GtkGJVz2Yo2SvfVkiBSAAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 12:57:39
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 07:57:33.298107 2024] [security2:error] [pid 21042:tid 21042] [client 104.238.220.123:56850] [client 104.238.220.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.ornbaum.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.ornbaum.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1GjPRf8d_bOeP_YFbb89AAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 12:42:37
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 104.238.220.123 (atenaup.whmserver.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 07:42:32.630580 2024] [security2:error] [pid 9388:tid 9415] [client 104.238.220.123:39776] [client 104.238.220.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||whatismetamodern.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "whatismetamodern.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1GfuAJb12F-Qj_dkBoMawAAANc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-27 07:06:00
(4 months ago)
spam
Email Spam