Anonymous
2025-09-23 21:42:41
(9 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2025-08-16 07:46:24
(10 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2025-08-05 01:18:14
(10 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-07-02 03:57:18
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 01 23:57:15.361925 2025] [security2:error] [pid 23670:tid 23670] [client 156.253.177.104:30497] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||endriss.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "endriss.info"] [uri "/wp-json/wp/v2/users"] [unique_id "aGSuGwHWaReOoyiFT8ZfswAAABM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-01 22:03:56
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 01 18:03:54.031990 2025] [security2:error] [pid 2333:tid 2333] [client 156.253.177.104:58521] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||harintonmechanical.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "harintonmechanical.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aGRbSlQn4_n7X6IpFJVgsAAAAAc"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-05-17 17:45:29
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-05-10 19:28:31
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 10 15:28:25.951382 2025] [security2:error] [pid 933718:tid 933718] [client 156.253.177.104:22007] [client 156.253.177.104] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||arlan-associates.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arlan-associates.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aB-o2W7n8rdGzGroD-Sw3QAAAB4"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2025-05-08 20:03:33
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2025-05-04 07:33:37
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-05-04 01:07:19
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 03 21:07:14.402564 2025] [security2:error] [pid 2664518:tid 2664518] [client 156.253.177.104:32699] [client 156.253.177.104] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||idodat.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "idodat.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aBa9wlOOOJNaSBRCALZVVgAAAAI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-04-30 16:56:22
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-04-25 11:04:54
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 25 07:04:50.390954 2025] [security2:error] [pid 18753:tid 18753] [client 156.253.177.104:16685] [client 156.253.177.104] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sipkg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sipkg.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aAtsUlRuPa60D5UpeKhYhQAAABI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-15 15:20:19
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 15 11:20:11.925389 2025] [security2:error] [pid 352274:tid 352274] [client 156.253.177.104:49401] [client 156.253.177.104] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sieder.com.ar|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sieder.com.ar"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_55K6qzcrGABu0V4JjggQAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-04 16:43:54
(1 year ago)
(mod_security) mod_security (id:210740) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210740) triggered by 156.253.177.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 04 12:43:49.780611 2025] [security2:error] [pid 14193:tid 14242] [client 156.253.177.104:11815] [client 156.253.177.104] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy||property-management.company|F|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "property-management.company"] [uri "/"] [unique_id "Z_AMRTBLudpmIYNmWCvnWAAAAEo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-29 23:34:43
(1 year ago)
Attempted brute force login to web vpn 5 time(s); last attempt for 2024.12.29 is noted in report tim ...
show more
Attempted brute force login to web vpn 5 time(s); last attempt for 2024.12.29 is noted in report timestamp
show less
Hacking
Brute-Force