TPI-Abuse
2024-11-05 14:45:43
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a13:4ac0:10:0:f816:3eff:fea1:e9ac (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 09:45:35.474181 2024] [security2:error] [pid 26004:tid 26004] [client 2a13:4ac0:10:0:f816:3eff:fea1:e9ac:63580] [client 2a13:4ac0:10:0:f816:3eff:fea1:e9ac] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||36sovereignchambers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "36sovereignchambers.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZyovjwP9gcFCf-7H7ZeglQAAAAA"]
Brute-Force
Bad Web Bot
Web App Attack
S.O.B.A. Dev.
2024-11-05 14:23:07
(1 month ago)
Web vulnerability scanning
Web Spam
Brute-Force
Web App Attack
4server
2024-11-05 11:59:01
(1 month ago)
[TueNov0512:58:41.8060862024][security2:error][pid3514579:tid3514717][client2a13:4ac0:10:0:f816:3eff:fea1:e9ac:0][client2a13:4ac0:10:0:f816:3eff:fea1:e9ac]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof\"beginsWith%{request_headers.host}\"against\"TX:1\"required.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"510\"][id\"340162\"][rev\"308\"][msg\"Atomicorp.comWAFRules:RemoteFileInjectionAttackdetected\(UnauthorizedURLdetectedasargument\)\"][data\"\,TX:1\"][severity\"CRITICAL\"][hostname\"www.aid-web.ch\"][uri\"/wp-add.php\"][unique_id\"ZyoIcfADU67v7z5Bx8rDpwAAAMc\"][TueNov0512:58:45.2534442024][security2:error][pid3514579:tid3514717][client2a13:4ac0:10:0:f816:3eff:fea1:e9ac:0][client2a13:4ac0:10:0:f816:3eff:fea1:e9ac]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof\"beginsWith%{request_headers.host}\"against\"TX:1\"required.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"510\"][id\"340162\"][rev\"308\"][msg\"Atomicorp.comWAFRules:RemoteFileInjectionAttackdetect
Blog Spam
TPI-Abuse
2024-11-05 10:25:54
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a13:4ac0:10:0:f816:3eff:fea1:e9ac (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 05:25:45.645413 2024] [security2:error] [pid 2568:tid 2568] [client 2a13:4ac0:10:0:f816:3eff:fea1:e9ac:61079] [client 2a13:4ac0:10:0:f816:3eff:fea1:e9ac] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||abcollie.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "abcollie.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZynyqRuLKcwSwAsW0oodsAAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
ecodehost.com
2024-11-05 09:51:02
(1 month ago)
Domain : cozumdoktoru.com
Rule : includephp
2024-11-05 09:32:44 10.100.1.20 GET /wp-includes/widgets/include.php - 443 - 172.71.182.162 HTTP/2 Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 - www.cozumdoktoru.com 404 0 0 5844 736 257 - 2a13:4ac0:10:0:f816:3eff:fea1:e9ac
Port Scan
ecodehost.com
2024-11-05 09:31:02
(1 month ago)
Domain : cozumdoktoru.com
Rule : pluginsphp
2024-11-05 09:30:10 10.100.1.20 GET /wp-content/plugins/WordPressCore/include.php - 443 - 172.70.46.199 HTTP/2 Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 - www.cozumdoktoru.com 404 0 0 5870 749 378 - 2a13:4ac0:10:0:f816:3eff:fea1:e9ac
Web App Attack
TPI-Abuse
2024-11-05 07:14:34
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a13:4ac0:10:0:f816:3eff:fea1:e9ac (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 02:14:17.799918 2024] [security2:error] [pid 31488:tid 31488] [client 2a13:4ac0:10:0:f816:3eff:fea1:e9ac:56982] [client 2a13:4ac0:10:0:f816:3eff:fea1:e9ac] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dogandponyband.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dogandponyband.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZynFyTyRiMagMK05wx6rpgAAAAk"]
Brute-Force
Bad Web Bot
Web App Attack
iNetWorker
2024-11-05 04:10:07
(1 month ago)
trolling for resource vulnerabilities
Web App Attack
clapper
2024-11-05 03:39:17
(1 month ago)
(mod_security) mod_security (id:980001) triggered by 2a13:4ac0:10:0:f816:3eff:fea1:e9ac (Unknown): 5 in the last 3600 secs; ID: Clar
Brute-Force
Bad Web Bot
TPI-Abuse
2024-11-05 02:45:28
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a13:4ac0:10:0:f816:3eff:fea1:e9ac (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 21:45:19.274550 2024] [security2:error] [pid 32725:tid 32725] [client 2a13:4ac0:10:0:f816:3eff:fea1:e9ac:54967] [client 2a13:4ac0:10:0:f816:3eff:fea1:e9ac] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||daisydoesoap.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "daisydoesoap.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZymGv7ZyapaoiN7cDa4KTAAAAAk"]
Brute-Force
Bad Web Bot
Web App Attack
archiv-pm
2024-11-04 23:50:24
(1 month ago)
Wordpress login attempts
Brute-Force
ecodehost.com
2024-11-04 20:39:02
(1 month ago)
Domain : cozumdoktoru.com
Rule : env
2024-11-04 20:38:47 10.100.1.20 GET /user/info.php - 443 - 172.71.94.217 HTTP/2 Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 www.google.com www.cozumdoktoru.com 404 0 0 5808 733 316 - 2a13:4ac0:10:0:f816:3eff:fea1:e9ac
Hacking
SQL Injection
BlueWire Hosting
2024-11-04 15:10:02
(1 month ago)
Detected as a bad bot
Bad Web Bot
TPI-Abuse
2024-11-04 14:14:54
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 2a13:4ac0:10:0:f816:3eff:fea1:e9ac (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 09:14:45.838025 2024] [security2:error] [pid 7877:tid 7877] [client 2a13:4ac0:10:0:f816:3eff:fea1:e9ac:52202] [client 2a13:4ac0:10:0:f816:3eff:fea1:e9ac] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||caferutadelaseda.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "caferutadelaseda.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZyjW1a0tpLabrYYg9pIS_gAAAA4"]
Brute-Force
Bad Web Bot
Web App Attack
S.O.B.A. Dev.
2024-11-04 11:54:45
(1 month ago)
Web vulnerability scanning
Web Spam
Brute-Force
Web App Attack