TPI-Abuse
2024-10-19 15:35:26
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 19 11:35:20.309913 2024] [security2:error] [pid 24921:tid 24947] [client 2a01:7e03::f03c:95ff:fe7e:54c:40956] [client 2a01:7e03::f03c:95ff:fe7e:54c] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.abusaimeh.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.abusaimeh.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZxPRuAw-CsV4Lh87TtkLPQAAARg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-19 12:42:45
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 19 08:42:41.611422 2024] [security2:error] [pid 23068:tid 23068] [client 2a01:7e03::f03c:95ff:fe7e:54c:36302] [client 2a01:7e03::f03c:95ff:fe7e:54c] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||babylontravelone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "babylontravelone.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZxOpQUZkY0UQCPFvn3p8fQAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack
LRob.fr
2024-10-17 16:30:10
(2 weeks ago)
Apache web server attack detected by Fail2Ban in plesk-apache jail
Web App Attack
Anonymous
2024-10-17 12:17:32
(2 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Cloudkul Cloudkul
2024-10-17 12:10:07
(2 weeks ago)
Multiple unauthorized attempts to access web resources
Brute-Force
Web App Attack
corthorn
2024-10-17 05:17:19
(2 weeks ago)
2a01:7e03::f03c:95ff:fe7e:54c - - [17/Oct/2024:07:17:18 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4178 ... show more 2a01:7e03::f03c:95ff:fe7e:54c - - [17/Oct/2024:07:17:18 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4178 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
... show less
Brute-Force
Ba-Yu
2024-10-16 14:48:00
(2 weeks ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
BlueWire Hosting
2024-10-15 04:10:06
(2 weeks ago)
Probing for Wordpress vulnerabilities
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 20:30:51
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 16:30:45.710870 2024] [security2:error] [pid 2139:tid 2139] [client 2a01:7e03::f03c:95ff:fe7e:54c:33188] [client 2a01:7e03::f03c:95ff:fe7e:54c] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||firstunitedreserve.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "firstunitedreserve.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zw1_dYx4DT1rjr_kk_1jogAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 15:47:31
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 11:47:23.545937 2024] [security2:error] [pid 13155:tid 13155] [client 2a01:7e03::f03c:95ff:fe7e:54c:33642] [client 2a01:7e03::f03c:95ff:fe7e:54c] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.cognicom.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cognicom.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zw09C1t41MtJictETqY6swAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 14:13:34
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 10:13:27.998131 2024] [security2:error] [pid 5433:tid 5433] [client 2a01:7e03::f03c:95ff:fe7e:54c:39336] [client 2a01:7e03::f03c:95ff:fe7e:54c] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.psychiatryabuse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.psychiatryabuse.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zw0nB6ot_v1GgNuDmWdygAAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 13:30:37
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 09:30:31.900245 2024] [security2:error] [pid 20936:tid 20936] [client 2a01:7e03::f03c:95ff:fe7e:54c:35932] [client 2a01:7e03::f03c:95ff:fe7e:54c] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.statbotics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.statbotics.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zw0c9wJpIzK5S99ldU1eSQAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 12:13:29
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 2a01:7e03::f03c:95ff:fe7e:54c (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 08:13:21.109906 2024] [security2:error] [pid 4380:tid 4388] [client 2a01:7e03::f03c:95ff:fe7e:54c:53916] [client 2a01:7e03::f03c:95ff:fe7e:54c] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.executiveconsultingpr.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.executiveconsultingpr.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zw0K4WWAw2zRnTSZAfMPygAAAEU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-14 01:55:26
(2 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
weblite
2024-10-13 16:48:38
(2 weeks ago)
WP_XMLRPC_ABUSE
Brute-Force
Web App Attack