๐ณ๐ฑ
Linuxmalwarehuntingnl
2024-07-03 09:01:10
(2 years ago)
Unauthorized connection attempt
Brute-Force
Anonymous
2023-11-27 05:40:19
(2 years ago)
XMLRPC Hack Attempts
Hacking
Brute-Force
๐ฉ๐ฐ
wnbhosting.dk
2023-11-23 18:17:03
(2 years ago)
WP xmlrpc [2023-11-23T19:17:03+01:00]
Hacking
Web App Attack
๐บ๐ธ
myagent.site
2023-11-20 10:08:27
(2 years ago)
Blocking for trying to access an exploit file: /xmlrpc.php
Hacking
๐ณ๐ฑ
maxxsense
2023-11-20 02:58:00
(2 years ago)
(wordpress-user-enum) Failed wordpress-user-enum trigger from 185.142.159.194 (IR/Iran/mail.p30hosti ...
show more
(wordpress-user-enum) Failed wordpress-user-enum trigger from 185.142.159.194 (IR/Iran/mail.p30hosting.com)
show less
Brute-Force
๐ฉ๐ช
rh24
2023-11-20 02:20:53
(2 years ago)
(wordpress-user-enum) Failed wordpress-user-enum trigger from 185.142.159.194 (IR/Iran/mail.p30hosti ...
show more
(wordpress-user-enum) Failed wordpress-user-enum trigger from 185.142.159.194 (IR/Iran/mail.p30hosting.com): (CF_ENABLE)
show less
Brute-Force
๐ฆ๐บ
MAGIC
2023-11-20 02:03:05
(2 years ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฆ๐บ
weblite
2023-11-20 01:40:45
(2 years ago)
WP_AUTHOR_SCANNING
Web App Attack
๐จ๐ฟ
Countryman
2023-11-19 08:24:59
(2 years ago)
IPS detection: WordPress.REST.API.Username.Enumeration.Information.Disclosure
Hacking
๐บ๐ธ
TPI-Abuse
2023-11-19 04:26:03
(2 years ago)
(mod_security) mod_security (id:225170) triggered by 185.142.159.194 (mail.p30hosting.com): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 185.142.159.194 (mail.p30hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 18 23:25:56.410132 2023] [security2:error] [pid 14184] [client 185.142.159.194:52908] [client 185.142.159.194] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tigersmusical.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tigersmusical.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZVmOVPuSAzxEVmDPc7jenwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2023-11-17 21:33:09
(2 years ago)
(mod_security) mod_security (id:225170) triggered by 185.142.159.194 (mail.p30hosting.com): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 185.142.159.194 (mail.p30hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 17 16:33:02.872363 2023] [security2:error] [pid 13878] [client 185.142.159.194:35878] [client 185.142.159.194] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||fairwindsfarm.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fairwindsfarm.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ZVfcDrc3dx1ENFAZWzwbDQAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
IRT@Unisi
2023-11-17 16:01:35
(2 years ago)
web_app3:WordPress.REST.API.Username.Enumeration.Information.Disclosure
Web App Attack
๐บ๐ธ
TPI-Abuse
2023-11-16 19:32:16
(2 years ago)
(mod_security) mod_security (id:225170) triggered by 185.142.159.194 (mail.p30hosting.com): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 185.142.159.194 (mail.p30hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 16 14:32:08.997186 2023] [security2:error] [pid 24410:tid 46916174202624] [client 185.142.159.194:33604] [client 185.142.159.194] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||krisclick.imaginateca.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "krisclick.imaginateca.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZVZuOOq_gL01EalL0LZQJwAAAMw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
bittiguru.fi
2023-11-16 08:01:56
(2 years ago)
185.142.159.194 - - \[16/Nov/2023:10:01:29 +0200\] "POST /xmlrpc.php HTTP/1.1" 302 493185.142.159.19 ...
show more
185.142.159.194 - - \[16/Nov/2023:10:01:29 +0200\] "POST /xmlrpc.php HTTP/1.1" 302 493185.142.159.194 - - \[16/Nov/2023:10:01:37 +0200\] "POST /kirjaudu\?redirect_to=%2Fxmlrpc.php\&reauth=1 HTTP/1.1" 200 37806
...
show less
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
mawan
2023-09-30 18:22:26
(2 years ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack