Anonymous
2024-12-08 16:50:46
(1 day ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
taivas.nl
2024-12-08 15:32:14
(1 day ago)
Wordpress_xmlrpc_attack
Bad Web Bot
Anonymous
2024-12-07 15:28:01
(2 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-12-06 01:05:06
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 20:04:57.697199 2024] [security2:error] [pid 32669:tid 309] [client 180.235.149.189:56636] [client 180.235.149.189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||freespeechstudio.floridarobotics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "freespeechstudio.floridarobotics.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1JNuQuaWnc9x9yJGZkiEAAAAUc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 14:04:35
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 09:04:31.103277 2024] [security2:error] [pid 30214:tid 30214] [client 180.235.149.189:35600] [client 180.235.149.189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.support.leonardodecaprio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "support.leonardodecaprio.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1Gy7013_DHjZhnaFbnTzwAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 12:21:47
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 07:21:43.210824 2024] [security2:error] [pid 3167:tid 3167] [client 180.235.149.189:35396] [client 180.235.149.189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||motiangroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "motiangroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z1Ga13ty4j3yF5HLtiXH5QAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
polycoda
2024-11-28 00:03:10
(1 week ago)
🔑 Wordpress login brute force attempt
Hacking
Web App Attack
Anonymous
2024-11-27 21:08:31
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-26 12:56:38
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
wnbhosting.dk
2024-11-26 10:48:12
(1 week ago)
WP xmlrpc [2024-11-26T11:48:12+01:00]
Hacking
Web App Attack
TPI-Abuse
2024-11-25 20:45:25
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 15:45:20.347659 2024] [security2:error] [pid 27308:tid 27308] [client 180.235.149.189:47564] [client 180.235.149.189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||stoneybluff.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "stoneybluff.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0Th4CMWgTO7Nwe1-fAD5gAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-25 15:29:35
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 10:29:29.113111 2024] [security2:error] [pid 25321:tid 25321] [client 180.235.149.189:58980] [client 180.235.149.189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||evelynkay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "evelynkay.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0SX2cfBAjyGMWbfE-uPfAAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-25 14:50:48
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 09:50:41.521812 2024] [security2:error] [pid 6815:tid 6815] [client 180.235.149.189:57698] [client 180.235.149.189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.churchbehindthewalls.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.churchbehindthewalls.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0SOwZKVnUrmixKGmTbWZwAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-25 13:15:51
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the ... show more (mod_security) mod_security (id:225170) triggered by 180.235.149.189 (maleo2.empatdns.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 08:15:46.916516 2024] [security2:error] [pid 17350:tid 17350] [client 180.235.149.189:48260] [client 180.235.149.189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||portsload.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "portsload.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0R4gkfrPAfBuHIAmeTvdQAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
weblite
2024-11-22 19:54:27
(2 weeks ago)
WP_XMLRPC_ABUSE
Brute-Force
Web App Attack