TPI-Abuse
2024-12-04 12:54:59
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknow ... show more (mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 04 07:54:54.294278 2024] [security2:error] [pid 4016750:tid 4016750] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b:63639] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lightningbug.farm|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lightningbug.farm"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Z1BRHmxkrVIs0lquypVK0gAAABo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-28 10:46:10
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknow ... show more (mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 28 05:46:04.803881 2024] [security2:error] [pid 21068:tid 21068] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b:50425] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||campnecon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "campnecon.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Z0hJ7A8LZ9ZnxTWjDrSAoAAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
geot
2024-09-22 17:15:27
(3 months ago)
GET /wp-login.php HTTP/1.1
GET /xmlrpc.php HTTP/1.1
Web App Attack
TPI-Abuse
2024-09-20 01:07:21
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknow ... show more (mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 19 21:07:17.822266 2024] [security2:error] [pid 9193:tid 9193] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b:54985] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bonegym.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bonegym.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZuzKxSobOnlaPRkQA3jfvwAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Bedios GmbH
2024-09-01 13:36:52
(4 months ago)
Wordpress hacking attempt
Web App Attack
TPI-Abuse
2024-08-11 04:05:35
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknow ... show more (mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 00:05:29.019361 2024] [security2:error] [pid 20717:tid 20717] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b:61416] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bigheartskitchen.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bigheartskitchen.net"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zrg4iU9aJK67aYG7xVlnvwAAABo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-04 03:15:24
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknow ... show more (mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 03 23:15:09.425410 2024] [security2:error] [pid 15686:tid 15686] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b:62790] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.grasslakepizzatime.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.grasslakepizzatime.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zq7yPR0jxByNdeDDU7pwPAAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-06-10 00:47:11
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknow ... show more (mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 09 20:47:05.257801 2024] [security2:error] [pid 11015] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b:59923] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||newmooncafe.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "newmooncafe.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZmZNCRccPe10s3k1rs52ewAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
URAN Publishing Service
2024-06-01 06:58:07
(7 months ago)
2603:3020:2d14:8d00:3d37:b237:d744:f49b - - [01/Jun/2024:09:57:58 +0300] "GET /wp-login.php HTTP/1.1 ... show more 2603:3020:2d14:8d00:3d37:b237:d744:f49b - - [01/Jun/2024:09:57:58 +0300] "GET /wp-login.php HTTP/1.1" 404 2973 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
2603:3020:2d14:8d00:3d37:b237:d744:f49b - - [01/Jun/2024:09:58:05 +0300] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
... show less
Web App Attack
TPI-Abuse
2024-05-29 10:23:36
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknow ... show more (mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 29 06:23:31.110704 2024] [security2:error] [pid 3143685] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b:56234] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||faithlines.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "faithlines.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZlcCI9Db8ovoPbkMdr9CogAAAB0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-05-23 19:44:25
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknow ... show more (mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 23 15:44:18.653188 2024] [security2:error] [pid 2929652] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b:64654] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cosplayculture.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cosplayculture.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zk-ckow5hYEr3Uv2SCQkzwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-05-22 22:16:47
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknow ... show more (mod_security) mod_security (id:225170) triggered by 2603:3020:2d14:8d00:3d37:b237:d744:f49b (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 22 18:16:40.220656 2024] [security2:error] [pid 4378] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b:61411] [client 2603:3020:2d14:8d00:3d37:b237:d744:f49b] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tradersworldmarket.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tradersworldmarket.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Zk5uyDG0r_JLpYlpst6xnAAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack