TPI-Abuse
2024-11-11 09:48:32
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 04:48:27.470678 2024] [security2:error] [pid 26393:tid 26393] [client 143.198.221.112:56797] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cosplayculture.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cosplayculture.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzHS6_6FUDfSJ2IkHE-FrAAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-11 08:58:41
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 03:58:34.940660 2024] [security2:error] [pid 26848:tid 26848] [client 143.198.221.112:60601] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thecommonsenseeconomist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thecommonsenseeconomist.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzHHOhUHSL7P0Daw9CDHXwAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-11 06:44:21
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 01:44:17.518850 2024] [security2:error] [pid 16076:tid 16230] [client 143.198.221.112:64925] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||victorchiarizia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "victorchiarizia.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzGnwbikLcr09CYU5p-7dwAAAhQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-11 05:20:25
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 00:20:20.942041 2024] [security2:error] [pid 18670:tid 18787] [client 143.198.221.112:57331] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||greencitymethods.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "greencitymethods.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzGUFGmgPtIQ3Hn95S8USgAAAg4"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savoie
2024-11-11 04:54:00
(3 weeks ago)
143.198.221.112 ***.*** - [11/Nov/2024:05:54:23 +0100] "GET /web/wp-includes/wlwmanifest.xml HTTP/1. ... show more 143.198.221.112 ***.*** - [11/Nov/2024:05:54:23 +0100] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
143.198.221.112 ***.*** - [11/Nov/2024:05:54:24 +0100] "GET /2018/wp-includes/wlwmanifest.xml HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
143.198.221.112 ***.*** - [11/Nov/2024:05:54:25 +0100] "GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
143.198.221.112 ***.*** - [11/Nov/2024:05:54:26 +0100] "GET /site/wp-includes/wlwmanifest.xml HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" show less
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-11 04:23:06
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 23:23:01.504427 2024] [security2:error] [pid 16859:tid 16859] [client 143.198.221.112:54761] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.ixd.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ixd.net"] [uri "/portfolio/glowphones-navigation-and-gameplay-with-light/wp-json/wp/v2/users/"] [unique_id "ZzGGpTEIInlsk1s8wbyTOwAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-11 03:24:42
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 22:24:38.749073 2024] [security2:error] [pid 16234:tid 16234] [client 143.198.221.112:53377] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.creationorevolution.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.creationorevolution.net"] [uri "/build-india/index.htm/wp-json/wp/v2/users/"] [unique_id "ZzF49s7AAAksz1OVL5rntwAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-11 01:14:41
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 20:14:37.447307 2024] [security2:error] [pid 3101:tid 3101] [client 143.198.221.112:60346] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.blacksheepoffroad.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.blacksheepoffroad.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzFafVa84FnJh1O0MENuBwAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-11 00:38:46
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 19:38:42.474057 2024] [security2:error] [pid 11890:tid 11890] [client 143.198.221.112:63050] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.fltsiminc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fltsiminc.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzFSErrLluU1ZMDRcQRfcAAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-11 00:01:10
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 19:01:04.608316 2024] [security2:error] [pid 30385:tid 30385] [client 143.198.221.112:61367] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.bestlawnsohio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.bestlawnsohio.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzFJQPoxf-vxOgHdlqr2nAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-10 22:46:50
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 17:46:45.299000 2024] [security2:error] [pid 1736831:tid 1736831] [client 143.198.221.112:61637] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.elpaco.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.elpaco.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzE31Tm-kaGld-OE1m8KQwAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-10 22:28:53
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 17:28:48.736185 2024] [security2:error] [pid 16763:tid 16763] [client 143.198.221.112:54650] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||exhaustthelimits.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "exhaustthelimits.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzEzoJSqP_8Ym7XvoWiBpAAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-10 20:26:01
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 15:25:56.171771 2024] [security2:error] [pid 13331:tid 13331] [client 143.198.221.112:64144] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.flatchestedmama.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.flatchestedmama.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzEW1Azy1GanljQT9OLakgAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-10 19:46:19
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 143.198.221.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 14:46:14.880012 2024] [security2:error] [pid 26392:tid 26402] [client 143.198.221.112:62365] [client 143.198.221.112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.east-lease.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.east-lease.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzENhruMQxAgzbsrthLjxQAAAIg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-10 19:11:24
(3 weeks ago)
apache-wordpress-login
Brute-Force
Web App Attack