Anonymous
2025-02-09 10:46:44
(7 hours ago)
Failed Wordpress Logins
Web App Attack
Anonymous
2025-02-06 21:20:32
(2 days ago)
Failed Wordpress Logins
Web App Attack
Anonymous
2025-02-01 13:02:47
(1 week ago)
Failed Wordpress Logins
Web App Attack
Anonymous
2025-01-27 19:43:51
(1 week ago)
Failed Wordpress Logins
Web App Attack
ger-stg-sifi1
2025-01-27 18:59:19
(1 week ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2025-01-26 01:11:36
(2 weeks ago)
Failed Wordpress Logins
Web App Attack
Anonymous
2025-01-24 22:22:31
(2 weeks ago)
Failed Wordpress Logins
Web App Attack
SCHAPPY
2025-01-24 07:09:37
(2 weeks ago)
Attack to wordpress xmlrpc
Web App Attack
Ba-Yu
2025-01-23 07:47:09
(2 weeks ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
weblite
2025-01-18 19:18:39
(3 weeks ago)
LONG_RUNNING WP_XMLRPC_ABUSE
Brute-Force
Web App Attack
Cloudkul Cloudkul
2025-01-18 09:25:07
(3 weeks ago)
Multiple unauthorized attempts to access web resources
Brute-Force
Web App Attack
TPI-Abuse
2025-01-17 19:17:18
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2401:c080:1400:53a4:5400:5ff:fe2e:8497 (Unknown ... show more (mod_security) mod_security (id:225170) triggered by 2401:c080:1400:53a4:5400:5ff:fe2e:8497 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 17 14:17:13.017650 2025] [security2:error] [pid 28578:tid 28700] [client 2401:c080:1400:53a4:5400:5ff:fe2e:8497:35278] [client 2401:c080:1400:53a4:5400:5ff:fe2e:8497] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mmr.omegaoak.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mmr.omegaoak.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4qsuQdOujYfT7szLatHxAAAAMo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-17 14:25:26
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2401:c080:1400:53a4:5400:5ff:fe2e:8497 (Unknown ... show more (mod_security) mod_security (id:225170) triggered by 2401:c080:1400:53a4:5400:5ff:fe2e:8497 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 17 09:25:17.852760 2025] [security2:error] [pid 2335635:tid 2335635] [client 2401:c080:1400:53a4:5400:5ff:fe2e:8497:54200] [client 2401:c080:1400:53a4:5400:5ff:fe2e:8497] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.psscififilmfest.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.psscififilmfest.org"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4poTfrcn9Zj_FOsFH3FsQAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-17 04:12:57
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2401:c080:1400:53a4:5400:5ff:fe2e:8497 (Unknown ... show more (mod_security) mod_security (id:225170) triggered by 2401:c080:1400:53a4:5400:5ff:fe2e:8497 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 16 23:12:49.272828 2025] [security2:error] [pid 2301278:tid 2301278] [client 2401:c080:1400:53a4:5400:5ff:fe2e:8497:46738] [client 2401:c080:1400:53a4:5400:5ff:fe2e:8497] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lilpiggiescardgame.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lilpiggiescardgame.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4nYwSk3d1M5pHdTbPgU1AAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-16 19:16:20
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2401:c080:1400:53a4:5400:5ff:fe2e:8497 (Unknown ... show more (mod_security) mod_security (id:225170) triggered by 2401:c080:1400:53a4:5400:5ff:fe2e:8497 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 16 14:16:11.675684 2025] [security2:error] [pid 4931:tid 4931] [client 2401:c080:1400:53a4:5400:5ff:fe2e:8497:36712] [client 2401:c080:1400:53a4:5400:5ff:fe2e:8497] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mjkhan.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mjkhan.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z4la--fkN12OwBe0rbEjkgAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack