taivas.nl
2025-01-29 06:02:13
(2 weeks ago)
Bad_requests
Bad Web Bot
chnet
2025-01-26 21:48:00
(3 weeks ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
Dolphi
2025-01-26 03:30:05
(3 weeks ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
noise.agency
2025-01-25 23:11:59
(3 weeks ago)
(wordpress) Failed wordpress login from 104.248.156.12 (SG/Singapore/-)
Brute-Force
TPI-Abuse
2025-01-25 17:31:32
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 25 12:31:28.345776 2025] [security2:error] [pid 29026:tid 29026] [client 104.248.156.12:53764] [client 104.248.156.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||68sportsuniforms.liddlesports.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "68sportsuniforms.liddlesports.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z5Uf8Au1O7_RrWpRjTPJpgAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-25 14:56:56
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 25 09:56:51.353918 2025] [security2:error] [pid 748547:tid 748547] [client 104.248.156.12:57322] [client 104.248.156.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||4give-n-hearts.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "4give-n-hearts.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z5T7s4RM0f7W3I5kY54TCwAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-25 12:01:30
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 25 07:01:24.642835 2025] [security2:error] [pid 24207:tid 24207] [client 104.248.156.12:62571] [client 104.248.156.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ciptaconindotara.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ciptaconindotara.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z5TSlBFSq9-J5zpq8tl0PQAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Steve
2025-01-25 11:57:11
(3 weeks ago)
SQL Injection Attempts
SQL Injection
Brute-Force
Vegascosmetics
2025-01-24 22:50:46
(3 weeks ago)
Kingcopy(AI-IDS):IP is Probing for Wordpress vulnerabilities WTF:Banned
Hacking
Bad Web Bot
Web App Attack
Anonymous
2025-01-24 21:13:20
(3 weeks ago)
apache-wordpress-login
Brute-Force
Web App Attack
TPI-Abuse
2025-01-24 18:17:39
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 24 13:17:34.222159 2025] [security2:error] [pid 513079:tid 513079] [client 104.248.156.12:64081] [client 104.248.156.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||idabwellsmonument.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "idabwellsmonument.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z5PZPoah9OndeGVDwoC_ZgAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-24 11:47:08
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 24 06:47:04.938823 2025] [security2:error] [pid 12121:tid 12121] [client 104.248.156.12:62606] [client 104.248.156.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.248.156.12 (+1 hits since last alert)|www.alpipac.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.alpipac.org"] [uri "/xmlrpc.php"] [unique_id "Z5N9uFCyD578BWcqNwhY9AAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-24 09:04:47
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 24 04:04:42.309262 2025] [security2:error] [pid 31109:tid 31109] [client 104.248.156.12:64046] [client 104.248.156.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||carlosescutia.spyasociados.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "carlosescutia.spyasociados.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z5NXqj3aZuuLpmlMp06mIAAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-24 00:29:58
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 104.248.156.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 23 19:29:55.031410 2025] [security2:error] [pid 1665131:tid 1665131] [client 104.248.156.12:57602] [client 104.248.156.12] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.casapapayasanmiguel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.casapapayasanmiguel.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z5LfAx7DKZhlMXE07p-B2QAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Dolphi
2025-01-23 22:50:04
(3 weeks ago)
POST //xmlrpc.php
Brute-Force
Web App Attack