๐บ๐ธ
LARL-Stompro-2024
2025-11-22 22:48:21
(7 months ago)
Evergreen ILS - Mylist Bot Abuse - HTTP Port 443 - Fake UserAgent. Requests:1
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-06-04 04:58:00
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 138.121.181.212 (138.121.181.212.connectesite.c ...
show more
(mod_security) mod_security (id:225170) triggered by 138.121.181.212 (138.121.181.212.connectesite.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 04 00:57:51.951300 2025] [security2:error] [pid 574122:tid 574122] [client 138.121.181.212:55140] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||naturalacu.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "naturalacu.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aD_ST22j7VJSwQmTtU_gjAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-04 01:42:56
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 138.121.181.212 (138.121.181.212.connectesite.c ...
show more
(mod_security) mod_security (id:225170) triggered by 138.121.181.212 (138.121.181.212.connectesite.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 03 21:42:50.603348 2025] [security2:error] [pid 648758:tid 648758] [client 138.121.181.212:55382] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||insidepublications.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "insidepublications.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aD-kmoQEmgcXm4joQeZw_AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
rtbh.com.tr
2025-06-03 00:06:55
(1 year ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐น๐ท
rtbh.com.tr
2025-06-02 20:06:56
(1 year ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-06-02 02:13:38
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 138.121.181.212 (138.121.181.212.connectesite.c ...
show more
(mod_security) mod_security (id:225170) triggered by 138.121.181.212 (138.121.181.212.connectesite.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 22:13:31.528862 2025] [security2:error] [pid 2712857:tid 2712857] [client 138.121.181.212:55037] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bigheartskitchen.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bigheartskitchen.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aD0Iy65pgMHcohlDuziGFAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-06-01 10:53:08
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-05-31 14:16:42
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 138.121.181.212 (138.121.181.212.connectesite.c ...
show more
(mod_security) mod_security (id:225170) triggered by 138.121.181.212 (138.121.181.212.connectesite.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 31 10:16:38.225205 2025] [security2:error] [pid 1339630:tid 1339630] [client 138.121.181.212:55203] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||athletefirst.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "athletefirst.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aDsPRiWWyORj6qvnXBnXfQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-05-31 13:39:13
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 138.121.181.212 (138.121.181.212.connectesite.c ...
show more
(mod_security) mod_security (id:225170) triggered by 138.121.181.212 (138.121.181.212.connectesite.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 31 09:39:08.076166 2025] [security2:error] [pid 1274608:tid 1274608] [client 138.121.181.212:55239] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||procigar.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "procigar.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aDsGfDi9FaT9mcoefDCyRwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-05-31 13:08:30
(1 year ago)
XMLRPC Hack Attempts
Hacking
Brute-Force
๐ณ๐ฑ
Roderic
2025-05-31 07:27:40
(1 year ago)
(apache_scanners-2) Failed apache-scanners trigger with match [redacted])
Port Scan
๐ณ๐ฑ
Roderic
2025-05-31 07:27:40
(1 year ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted])
Port Scan
๐ฉ๐ช
ger-stg-sifi1
2025-05-31 03:23:18
(1 year ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ซ๐ท
Kenshin869
2025-05-30 12:19:23
(1 year ago)
Wordpress unauthorized access attempt
Brute-Force
Anonymous
2025-05-29 07:28:33
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH