Anonymous
|
|
apache-wordpress-login
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 58.137.200.50 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225170) triggered by 58.137.200.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 30 11:35:58.967875 2024] [security2:error] [pid 22244:tid 22244] [client 58.137.200.50:64395] [client 58.137.200.50] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||calvarycavaliers.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "calvarycavaliers.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZtHm3qqy8CWHfNEkhy1HMAAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
pusathosting.com
|
|
2ds22 bruteforce
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 58.137.200.50 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225170) triggered by 58.137.200.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 30 11:03:12.360474 2024] [security2:error] [pid 707102:tid 707102] [client 58.137.200.50:16957] [client 58.137.200.50] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.fredlandia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fredlandia.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZtHfMKQG2FM8k1c2mSep2gAAAAA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Dolphi
|
|
POST //xmlrpc.php
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 58.137.200.50 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225170) triggered by 58.137.200.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 30 10:42:00.635923 2024] [security2:error] [pid 12552:tid 12552] [client 58.137.200.50:4178] [client 58.137.200.50] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rodatrack.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rodatrack.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZtHaOClDcQQXKtuIpq5EBAAAAA0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 58.137.200.50 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225170) triggered by 58.137.200.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 30 09:32:46.444701 2024] [security2:error] [pid 22994:tid 22994] [client 58.137.200.50:51707] [client 58.137.200.50] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.mcbrearty.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mcbrearty.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZtHJ_qxJSswKDlM6xZzZXAAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
RLDD
|
|
WP probing -jts
|
Web App Attack
|
|
syokadmin
|
|
(mod_security) mod_security (id:77140967) triggered by 58.137.200.50 (-): 1 in the last 3600 secs
|
Brute-Force
|
|
syokadmin
|
|
(mod_security) mod_security (id:77140967) triggered by 58.137.200.50 (-): 1 in the last 3600 secs
|
Brute-Force
|
|
Sefinek
|
|
IP 58.137.200.50 [TH] triggered Cloudflare WAF (firewallCustom).
Action taken: BLOCK
ASN ... show moreIP 58.137.200.50 [TH] triggered Cloudflare WAF (firewallCustom).
Action taken: BLOCK
ASN: 45458 (SBN-AWN-AS-02-AP SBN-ISPAWN-ISP and SBN-NIXAWN-NIX)
Protocol: HTTP/1.1 (method PUT)
Domain: patrons.sefinek.net
Endpoint: /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
Timestamp: 2024-08-17T12:55:46Z
Ray ID: 8b49d2036e5a0c87
Rule ID: 28ce88ae31c84d638aec7f360a4f64af
User agent: python-requests/2.32.3
Report generated by Node-Cloudflare-WAF-AbuseIPDB (https://github.com/sefinek24/Node-Cloudflare-WAF-AbuseIPDB) show less
|
Bad Web Bot
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
RoboSOC
|
|
phpunit Remote Code Execution Vulnerability, PTR: PTR record not found
|
Hacking
|
|
Smel
|
|
HTTP/80/443/8080 Unauthorized Probe, Hack -
|
Hacking
Web App Attack
|
|
Anonymous
|
|
Ports: 25,465,587; Direction: 0; Trigger: LF_DISTATTACK
|
Brute-Force
SSH
|
|