๐ฎ๐น
IRT@Unisi
2025-03-25 13:09:25
(1 year ago)
web_app3:WordPress.REST.API.Username.Enumeration.Information.Disclosure
Web App Attack
๐ฉ๐ช
Ba-Yu
2025-03-20 09:14:09
(1 year ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-19 19:23:52
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 132.148.123.41 (p3plwpweb087.prod.phx3.securese ...
show more
(mod_security) mod_security (id:225170) triggered by 132.148.123.41 (p3plwpweb087.prod.phx3.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 19 15:23:47.539218 2025] [security2:error] [pid 1905699:tid 1905699] [client 132.148.123.41:51594] [client 132.148.123.41] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cormanleigh.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cormanleigh.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z9sZw2EWpnHduuHkaeiA6gAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-19 09:00:00
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 132.148.123.41 (p3plwpweb087.prod.phx3.securese ...
show more
(mod_security) mod_security (id:225170) triggered by 132.148.123.41 (p3plwpweb087.prod.phx3.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 19 04:59:52.679639 2025] [security2:error] [pid 10964:tid 10964] [client 132.148.123.41:55334] [client 132.148.123.41] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.thomasgardner.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.thomasgardner.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z9qHiJedguUL-se51uA-swAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-07 05:44:13
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 132.148.123.41 (p3plwpweb087.prod.phx3.securese ...
show more
(mod_security) mod_security (id:225170) triggered by 132.148.123.41 (p3plwpweb087.prod.phx3.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 07 00:44:05.817819 2025] [security2:error] [pid 1129:tid 1129] [client 132.148.123.41:60192] [client 132.148.123.41] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.louisvillecustomkitchens.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.louisvillecustomkitchens.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z8qHpZMW9j-zVakqdajXBQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-07 04:21:47
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 132.148.123.41 (p3plwpweb087.prod.phx3.securese ...
show more
(mod_security) mod_security (id:225170) triggered by 132.148.123.41 (p3plwpweb087.prod.phx3.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 06 23:21:43.519543 2025] [security2:error] [pid 22275:tid 22275] [client 132.148.123.41:48966] [client 132.148.123.41] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wincourtransportation.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wincourtransportation.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z8p0V7iFERXMULLxaJRxHwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
octageeks.com
2025-03-06 05:06:34
(1 year ago)
Wordpress malicious attack:[octaxmlrpc]
Web App Attack
๐ฎ๐น
Progetto1
2025-01-31 12:07:01
(1 year ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฆ๐บ
MAGIC
2025-01-26 06:01:45
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฆ๐บ
MAGIC
2025-01-13 20:03:42
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2024-12-25 01:54:10
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 132.148.123.41 (p3plwpweb087.prod.phx3.securese ...
show more
(mod_security) mod_security (id:225170) triggered by 132.148.123.41 (p3plwpweb087.prod.phx3.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 24 20:54:07.290422 2024] [security2:error] [pid 3715583:tid 3715583] [client 132.148.123.41:51290] [client 132.148.123.41] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.stinsonbeachsurfandkayak.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.stinsonbeachsurfandkayak.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z2tlvyr5c_vCF0X1xs0jiAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
SCHAPPY
2024-12-12 00:34:58
(1 year ago)
Wordpress attack: Submitted data to wp-login.php prior getting page content, attempt blocked. POST c ...
show more
Wordpress attack: Submitted data to wp-login.php prior getting page content, attempt blocked. POST counter 1 is greater than GET counter 0 for /wp-login.php by 132.148.123.41.
show less
Web Spam
๐ซ๐ท
Kenshin869
2024-12-11 10:26:10
(1 year ago)
Wordpress unauthorized access attempt
Brute-Force
๐น๐ท
selahattinalan
2024-12-01 18:22:21
(1 year ago)
Dec 1 21:22:20 server wordpress(www.debiakademi.com)[1977860]: XML-RPC authentication attempt for u ...
show more
Dec 1 21:22:20 server wordpress(www.debiakademi.com)[1977860]: XML-RPC authentication attempt for unknown user debiakademi from 132.148.123.41
show less
Brute-Force
๐ง๐ช
taivas.nl
2024-12-01 16:32:11
(1 year ago)
Wordpress_xmlrpc_attack
Bad Web Bot