spyra.rocks
2024-11-13 20:35:24
(3 weeks ago)
WordPress
Web App Attack
spyra.rocks
2024-11-11 19:35:37
(4 weeks ago)
WordPress
Web App Attack
spyra.rocks
2024-11-07 18:36:01
(1 month ago)
WordPress
Web App Attack
ghostwarriors
2024-11-06 23:20:05
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-06 03:01:11
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com) ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 22:01:07.358137 2024] [security2:error] [pid 21430:tid 21430] [client 2607:f298:5:117a::bbc:3690:46640] [client 2607:f298:5:117a::bbc:3690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||toldoth.gasoilliquidsdaily.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "toldoth.gasoilliquidsdaily.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Zyrb8-q-DjZ0st7AlLDcegAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-06 02:35:32
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com) ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 21:35:28.176631 2024] [security2:error] [pid 653601:tid 653601] [client 2607:f298:5:117a::bbc:3690:33560] [client 2607:f298:5:117a::bbc:3690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||telecompros.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "telecompros.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZyrV8J8pgRfW2n-OqKWJegAAABI"], referer: http://telecompros.net///wp-json/wp/v2/users/ show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-06 01:19:50
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com) ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 20:19:44.951317 2024] [security2:error] [pid 16260:tid 16260] [client 2607:f298:5:117a::bbc:3690:41838] [client 2607:f298:5:117a::bbc:3690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||paulsingdahlsen.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "paulsingdahlsen.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZyrEMGHuH9w1dp3Q8pw4twAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
jasperedv.de
2024-11-06 00:47:24
(1 month ago)
Apache Login - Brutforcing
Brute-Force
Web App Attack
on-com
2024-11-06 00:36:40
(1 month ago)
URL scan
Brute-Force
Web App Attack
Ba-Yu
2024-11-06 00:20:56
(1 month ago)
WordPress hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
TPI-Abuse
2024-11-06 00:09:52
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com) ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 19:09:47.725912 2024] [security2:error] [pid 15893:tid 15893] [client 2607:f298:5:117a::bbc:3690:42718] [client 2607:f298:5:117a::bbc:3690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||3beeze.bridgital.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "3beeze.bridgital.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Zyqzy8q-6AXd80hfjRtVZgAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-05 23:51:35
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com) ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 18:51:29.268391 2024] [security2:error] [pid 21292:tid 21292] [client 2607:f298:5:117a::bbc:3690:34000] [client 2607:f298:5:117a::bbc:3690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ardath.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ardath.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZyqvgSb2AhGBwfNc4bpXLwAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-05 23:28:46
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com) ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 18:28:40.789693 2024] [security2:error] [pid 27893:tid 27893] [client 2607:f298:5:117a::bbc:3690:55706] [client 2607:f298:5:117a::bbc:3690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||technesa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "technesa.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZyqqKEVPP6bY2WAFeu0GowAAABM"], referer: http://technesa.com///wp-json/wp/v2/users/ show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-05 18:36:43
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com) ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 13:36:36.568341 2024] [security2:error] [pid 25049:tid 25049] [client 2607:f298:5:117a::bbc:3690:36890] [client 2607:f298:5:117a::bbc:3690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||shhcenter.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "shhcenter.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZypltIqEcr6TuHG6QcTnUgAAAAY"], referer: http://shamanichearthealingcenter.org///wp-json/wp/v2/users/ show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-05 17:05:47
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com) ... show more (mod_security) mod_security (id:225170) triggered by 2607:f298:5:117a::bbc:3690 (irlphilippines.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 12:05:39.267914 2024] [security2:error] [pid 386204:tid 386204] [client 2607:f298:5:117a::bbc:3690:45562] [client 2607:f298:5:117a::bbc:3690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||site.kimbrothersusa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "site.kimbrothersusa.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZypQY9qSG7An9RfVH-v1BgAAAB4"] show less
Brute-Force
Bad Web Bot
Web App Attack