TPI-Abuse
2024-08-23 17:19:48
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 23 13:19:43.513298 2024] [security2:error] [pid 16827:tid 16827] [client 2402:1f00:8100:b7:::55066] [client 2402:1f00:8100:b7::] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lcoor.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lcoor.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZsjEr-Zg1-SeaIxr8WSJ7AAAAAY"], referer: http://ourredeemeroxnard.org///wp-json/wp/v2/users/ show less
Brute-Force
Bad Web Bot
Web App Attack
BlueWire Hosting
2024-08-23 14:10:29
(1 month ago)
Probing for Wordpress vulnerabilities
Bad Web Bot
Web App Attack
Max la Menace
2024-08-23 13:05:54
(1 month ago)
Wordpress attack (F)
Blog Spam
Web App Attack
dtorrer
2024-08-23 07:11:55
(1 month ago)
Dictionary attack on login resource.
Brute-Force
Axel
2024-08-23 05:39:47
(1 month ago)
Attempted access to sensitive WordPress file: xmlrpc.php.
Brute-Force
Web App Attack
SSH
ger-stg-sifi1
2024-08-23 05:34:37
(1 month ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
weblite
2024-08-23 05:13:28
(1 month ago)
WP_XMLRPC_ABUSE
Brute-Force
Web App Attack
TPI-Abuse
2024-08-23 00:29:39
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 20:29:33.292519 2024] [security2:error] [pid 3153:tid 3153] [client 2402:1f00:8100:b7:::57958] [client 2402:1f00:8100:b7::] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||capitalswisscorp.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "capitalswisscorp.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZsfX7Suexe8SBFe1c0LzggAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
spyra.rocks
2024-08-23 00:21:56
(1 month ago)
WordPress Backend Shield
Web App Attack
TPI-Abuse
2024-08-23 00:13:05
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 20:12:57.653061 2024] [security2:error] [pid 16723:tid 16723] [client 2402:1f00:8100:b7:::43334] [client 2402:1f00:8100:b7::] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lemoulinavent.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lemoulinavent.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZsfUCRnPtzIFrsGaMPe01gAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-22 22:38:18
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 18:38:14.803179 2024] [security2:error] [pid 5167:tid 5167] [client 2402:1f00:8100:b7:::52018] [client 2402:1f00:8100:b7::] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ohanameetup.party|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ohanameetup.party"] [uri "/wp-json/wp/v2/users/"] [unique_id "Zse91mCOY1CAymsqBLWh2gAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-22 22:09:42
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 18:09:37.052794 2024] [security2:error] [pid 17638:tid 17638] [client 2402:1f00:8100:b7:::52636] [client 2402:1f00:8100:b7::] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||deptos.online|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "deptos.online"] [uri "/wp-json/wp/v2/users/"] [unique_id "Zse3IZqM4GYwDJZDv7T0vAAAAAo"], referer: http://deptos.online///wp-json/wp/v2/users/ show less
Brute-Force
Bad Web Bot
Web App Attack
jasperedv.de
2024-08-22 05:24:57
(1 month ago)
Apache Login - Brutforcing
Brute-Force
Web App Attack
TPI-Abuse
2024-08-20 07:59:33
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 20 03:59:28.081116 2024] [security2:error] [pid 6415:tid 6415] [client 2402:1f00:8100:b7:::39032] [client 2402:1f00:8100:b7::] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||meetupmadness.io|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "meetupmadness.io"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZsRM4DuX5_nxCngsIBWptwAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-20 07:30:00
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 30 ... show more (mod_security) mod_security (id:225170) triggered by 2402:1f00:8100:b7:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 20 03:29:52.693189 2024] [security2:error] [pid 3468:tid 3521] [client 2402:1f00:8100:b7:::35760] [client 2402:1f00:8100:b7::] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.thecraftsycat.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.thecraftsycat.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZsRF8C6neHvuLr2hNHvQowAAAEM"] show less
Brute-Force
Bad Web Bot
Web App Attack