TPI-Abuse
2024-09-01 17:29:59
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 197.232.36.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 197.232.36.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 01 13:29:52.054996 2024] [security2:error] [pid 1810:tid 1810] [client 197.232.36.210:54171] [client 197.232.36.210] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.ideaofauniversity.website|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ideaofauniversity.website"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZtSkkDOHCO0kBYpWPqHx6AAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-08-29 19:06:11
(2 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-08-29 12:55:48
(2 weeks ago)
Trawling for Open Source CMS installs
Hacking
Brute-Force
TPI-Abuse
2024-08-26 15:25:50
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 197.232.36.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 197.232.36.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 11:25:41.998841 2024] [security2:error] [pid 10167:tid 10167] [client 197.232.36.210:50623] [client 197.232.36.210] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tradersworldmarket.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tradersworldmarket.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZsyedWEtF_bXG4UvTLDR_AAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
axllent
2024-08-08 09:26:18
(1 month ago)
Wordpress login scanning
Brute-Force
Web App Attack
MAGIC
2024-07-16 15:00:46
(2 months ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-07-16 06:01:50
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 197.232.36.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 197.232.36.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 16 02:01:42.231084 2024] [security2:error] [pid 15607] [client 197.232.36.210:51441] [client 197.232.36.210] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.swcbsa.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.swcbsa.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZpYMxlNnVBi_bGxD8WXleQAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-06 10:53:29
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 197.232.36.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 197.232.36.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 06 06:53:22.129331 2024] [security2:error] [pid 10086] [client 197.232.36.210:57985] [client 197.232.36.210] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.susanleeward.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.susanleeward.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZokiImd-ADoU9tq8qcpQgwAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Linuxmalwarehuntingnl
2024-07-03 08:56:06
(2 months ago)
Unauthorized connection attempt
Brute-Force
TPI-Abuse
2024-06-27 16:12:33
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 197.232.36.210 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 197.232.36.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 27 12:12:27.826601 2024] [security2:error] [pid 24077] [client 197.232.36.210:61254] [client 197.232.36.210] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.midway-island.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.midway-island.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zn2Pa-Hasij-ZTl3Vaj-egAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
findlab
2024-06-15 05:20:01
(3 months ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Bad Web Bot
Web App Attack
Web App Attack
rdpguard.com
2024-06-02 18:02:08
(3 months ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
afleventoffice.com.au
2024-05-01 21:06:48
(4 months ago)
Web App Attack
Anonymous
2024-04-29 07:24:57
(4 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
axllent
2024-04-20 15:45:50
(4 months ago)
Wordpress login attempts
Brute-Force
Web App Attack