Anonymous
2025-01-18 08:49:24
(4 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2025-01-17 03:42:22
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 ... show more (mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 16 22:42:17.228785 2025] [security2:error] [pid 2106417:tid 2106417] [client 78.157.35.66:43352] [client 78.157.35.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tenmenband.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tenmenband.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4nRmaV2mdY52uV7aaxgLAAAACI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-16 20:32:28
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 ... show more (mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 16 15:32:23.050596 2025] [security2:error] [pid 6678:tid 6678] [client 78.157.35.66:54262] [client 78.157.35.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gaeltv.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gaeltv.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4ls14KGEjjmGAqbPrsGvQAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-16 02:30:10
(6 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2025-01-14 22:40:54
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2025-01-13 04:50:44
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2025-01-12 04:04:07
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2025-01-10 22:53:10
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2025-01-09 19:09:22
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 ... show more (mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 09 14:09:14.162219 2025] [security2:error] [pid 6207:tid 6207] [client 78.157.35.66:53746] [client 78.157.35.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||chicagoinquirer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "chicagoinquirer.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4Ae2s54CgohefUys3KR0QAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-04 16:18:38
(2 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2025-01-02 17:49:00
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 ... show more (mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 02 12:48:55.047941 2025] [security2:error] [pid 1275010:tid 1275010] [client 78.157.35.66:48922] [client 78.157.35.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kbalan.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kbalan.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z3bRh3tFF7SVsKSuK28WwwAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-02 08:52:48
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 ... show more (mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 02 03:52:41.586407 2025] [security2:error] [pid 5525:tid 5525] [client 78.157.35.66:49244] [client 78.157.35.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||corporatepresentation.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "corporatepresentation.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Z3ZT2eUCrJyoYp3xSJ2lywAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-31 20:34:57
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-12-28 17:36:06
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-12-24 07:08:21
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 ... show more (mod_security) mod_security (id:225170) triggered by 78.157.35.66 (cp23-66.cp.fnv.privatedns.biz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 24 02:08:17.392126 2024] [security2:error] [pid 17865:tid 17865] [client 78.157.35.66:40138] [client 78.157.35.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.silalaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.silalaw.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z2pd4X-Dv4MehyqgBuqUxAAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack