TPI-Abuse
2024-09-07 03:21:37
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2a02:7b40:b0df:8de1::1 (mail.ekipi365.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 23:21:30.604473 2024] [security2:error] [pid 28586:tid 28586] [client 2a02:7b40:b0df:8de1::1:54684] [client 2a02:7b40:b0df:8de1::1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.inverzona.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.inverzona.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZtvGurhR4TSh8Bu3AOySXQAAACQ"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-07 01:08:29
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2a02:7b40:b0df:8de1::1 (mail.ekipi365.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 21:08:21.111981 2024] [security2:error] [pid 20876:tid 20876] [client 2a02:7b40:b0df:8de1::1:46664] [client 2a02:7b40:b0df:8de1::1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||english.art.mavikalem.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "english.art.mavikalem.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "Ztunhd7fdiOFL3cUm2sAbAAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
Prodscape
2024-09-06 21:23:53
(1 week ago)
(WPLOGIN) WP Login Attack 2a02:7b40:b0df:8de1::1 (mail.ekipi365.com): 5 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER
Port Scan
TPI-Abuse
2024-09-06 21:19:45
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2a02:7b40:b0df:8de1::1 (mail.ekipi365.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 17:19:39.830683 2024] [security2:error] [pid 28102:tid 28102] [client 2a02:7b40:b0df:8de1::1:35270] [client 2a02:7b40:b0df:8de1::1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||didactrend.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "didactrend.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Zttx66I3WIIZ05hbruiqLQAAAAg"]
Brute-Force
Bad Web Bot
Web App Attack
Hirte
2024-09-06 20:03:11
(1 week ago)
MYH: Web Attack GET /wp-login.php
Web Spam
Hacking
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-06 19:47:05
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2a02:7b40:b0df:8de1::1 (mail.ekipi365.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 15:46:58.746172 2024] [security2:error] [pid 3827619:tid 3827632] [client 2a02:7b40:b0df:8de1::1:43968] [client 2a02:7b40:b0df:8de1::1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.artmarialeon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.artmarialeon.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZttcMu2MrljBzVTVd3RCFwAAAMs"]
Brute-Force
Bad Web Bot
Web App Attack
lavnet.net
2024-09-06 18:25:53
(1 week ago)
Sep 6 18:25:53 angela wordpress(thejunkymonkey.com)[351174]: Blocked user enumeration attempt from 2a02:7b40:b0df:8de1::1
Hacking
Web App Attack
TPI-Abuse
2024-09-06 17:38:49
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2a02:7b40:b0df:8de1::1 (mail.ekipi365.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 13:38:40.794033 2024] [security2:error] [pid 8739:tid 8739] [client 2a02:7b40:b0df:8de1::1:48252] [client 2a02:7b40:b0df:8de1::1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gardner.farm.brazilianbottom.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gardner.farm.brazilianbottom.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Zts-ICubC5sc7c7pyR5CewAAAAI"]
Brute-Force
Bad Web Bot
Web App Attack
Max la Menace
2024-09-06 07:42:28
(1 week ago)
Wordpress Attack (P)
Web App Attack
Axel
2024-09-06 07:11:46
(1 week ago)
Attempted access to sensitive WordPress file: xmlrpc.php.
Brute-Force
Web App Attack
SSH
Anonymous
2024-09-06 05:59:42
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
jasperedv.de
2024-09-06 05:55:32
(1 week ago)
Apache Login - Bruteforcing
Brute-Force
Web App Attack
TPI-Abuse
2024-09-06 04:31:42
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2a02:7b40:b0df:8de1::1 (mail.ekipi365.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 00:31:36.896969 2024] [security2:error] [pid 24500:tid 24500] [client 2a02:7b40:b0df:8de1::1:42500] [client 2a02:7b40:b0df:8de1::1] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rachelfia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rachelfia.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZtqFqBqut-pWdaQywZ-rUgAAAAo"]
Brute-Force
Bad Web Bot
Web App Attack
Max la Menace
2024-08-15 06:43:20
(1 month ago)
Wordpress attack (F)
Blog Spam
Web App Attack
iNetWorker
2024-08-15 04:48:45
(1 month ago)
trolling for resource vulnerabilities
Web App Attack