wnbhosting.dk
2024-11-16 07:59:41
(3 weeks ago)
WP xmlrpc [2024-11-16T08:59:41+01:00]
Hacking
Web App Attack
wnbhosting.dk
2024-11-16 02:54:08
(3 weeks ago)
WP xmlrpc [2024-11-16T03:54:08+01:00]
Hacking
Web App Attack
wnbhosting.dk
2024-11-16 01:53:00
(3 weeks ago)
WP xmlrpc [2024-11-16T02:53:00+01:00]
Hacking
Web App Attack
nationaleventpros.com
2024-11-16 01:18:52
(3 weeks ago)
WordPress login attempt
Brute-Force
wnbhosting.dk
2024-11-15 20:50:44
(3 weeks ago)
WP xmlrpc [2024-11-15T21:50:44+01:00]
Hacking
Web App Attack
TPI-Abuse
2024-11-15 00:01:59
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 122.201.124.66 (cp-wc28.syd02.ds.network): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 122.201.124.66 (cp-wc28.syd02.ds.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 19:01:55.192637 2024] [security2:error] [pid 13090:tid 13090] [client 122.201.124.66:39884] [client 122.201.124.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||drendels.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "drendels.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZzaPc66exJAyAmKxSIubBwAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Ba-Yu
2024-11-14 23:01:57
(3 weeks ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
TPI-Abuse
2024-11-14 22:40:47
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 122.201.124.66 (cp-wc28.syd02.ds.network): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 122.201.124.66 (cp-wc28.syd02.ds.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 17:40:39.900748 2024] [security2:error] [pid 28579:tid 28579] [client 122.201.124.66:54738] [client 122.201.124.66] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lawrencehale.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lawrencehale.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ZzZ8Z7HJDqak_JXV00zMzAAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
bittiguru.fi
2024-11-14 18:13:27
(4 weeks ago)
122.201.124.66 - [14/Nov/2024:20:13:24 +0200] "POST /xmlrpc.php HTTP/1.1" 404 22044 "-" "Mozilla/5.0 ... show more 122.201.124.66 - [14/Nov/2024:20:13:24 +0200] "POST /xmlrpc.php HTTP/1.1" 404 22044 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36" "-"
122.201.124.66 - [14/Nov/2024:20:13:27 +0200] "POST /wordpress/xmlrpc.php HTTP/1.1" 404 22054 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.212 Safari/537.36" "-"
... show less
Hacking
Brute-Force
Web App Attack
MAGIC
2024-11-14 14:01:41
(4 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
wnbhosting.dk
2024-11-14 11:07:04
(4 weeks ago)
WP xmlrpc [2024-11-14T12:07:04+01:00]
Hacking
Web App Attack
Anonymous
2024-11-14 07:48:48
(4 weeks ago)
Probing for Open Source CMS installs
Hacking
Brute-Force
ipoac.nl
2024-11-14 02:47:09
(4 weeks ago)
***:443 122.201.124.66 - - [14/Nov/2024:03:47:08 +0100] *** "POST /xmlrpc.php HTTP/1.1" 403 3754 "-" ... show more ***:443 122.201.124.66 - - [14/Nov/2024:03:47:08 +0100] *** "POST /xmlrpc.php HTTP/1.1" 403 3754 "-" "Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0" show less
Bad Web Bot
Swiptly
2024-11-13 22:06:54
(4 weeks ago)
WordPress xmlrpc spam or enumeration
...
Web Spam
Bad Web Bot
Web App Attack
wnbhosting.dk
2024-11-13 17:43:01
(4 weeks ago)
WP xmlrpc [2024-11-13T18:43:01+01:00]
Hacking
Web App Attack