Anonymous
2024-12-02 10:21:15
(4 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-30 06:20:44
(6 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-11-26 02:18:24
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 78.159.108.89 (s174.bitcommand.com): 1 in the l ... show more (mod_security) mod_security (id:225170) triggered by 78.159.108.89 (s174.bitcommand.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 25 21:18:20.180325 2024] [security2:error] [pid 23360:tid 23360] [client 78.159.108.89:35214] [client 78.159.108.89] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||didactrend.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "didactrend.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z0Uv7Nz725C_an4VSy0mgQAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 15:32:51
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 78.159.108.89 (s174.bitcommand.com): 1 in the l ... show more (mod_security) mod_security (id:225170) triggered by 78.159.108.89 (s174.bitcommand.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 11:32:47.784482 2024] [security2:error] [pid 12181:tid 12181] [client 78.159.108.89:41396] [client 78.159.108.89] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thefrontporchoffering.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thefrontporchoffering.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zw05n2DlqzBK0UVAxX-ayAAAABw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 12:25:55
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 78.159.108.89 (s174.bitcommand.com): 1 in the l ... show more (mod_security) mod_security (id:225170) triggered by 78.159.108.89 (s174.bitcommand.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 08:25:48.830350 2024] [security2:error] [pid 28527:tid 28527] [client 78.159.108.89:51632] [client 78.159.108.89] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.cajunpicasso.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cajunpicasso.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zw0NzJCW8q3n-_1SUCDrpAAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 11:50:30
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 78.159.108.89 (s174.bitcommand.com): 1 in the l ... show more (mod_security) mod_security (id:225170) triggered by 78.159.108.89 (s174.bitcommand.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 07:50:25.928250 2024] [security2:error] [pid 5810:tid 5810] [client 78.159.108.89:40556] [client 78.159.108.89] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||virtualmediamasters.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "virtualmediamasters.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Zw0FgYvK-ywFF80HPdkXdgAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-14 11:11:13
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 78.159.108.89 (s174.bitcommand.com): 1 in the l ... show more (mod_security) mod_security (id:225170) triggered by 78.159.108.89 (s174.bitcommand.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 07:11:07.837379 2024] [security2:error] [pid 25589:tid 25589] [client 78.159.108.89:60312] [client 78.159.108.89] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mounthoodhistory.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mounthoodhistory.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zwz8S5CbKpTT3-gz8aGEoQAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-13 06:54:52
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-10-10 07:25:14
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-10-09 04:00:55
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH