rtbh.com.tr
2024-09-13 20:54:41
(3 weeks ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
gu-alvareza
2024-09-13 07:05:33
(3 weeks ago)
WordPress.REST.API.Username.Enumeration.Information.Disclosure
Web App Attack
BlueWire Hosting
2024-09-13 04:10:02
(3 weeks ago)
Probing Wordpress websites
Web App Attack
Anonymous
2024-09-12 21:58:15
(3 weeks ago)
(wordpress) Failed wordpress login from 34.162.29.94 (US/United States/94.29.162.34.bc.googleusercon ... show more (wordpress) Failed wordpress login from 34.162.29.94 (US/United States/94.29.162.34.bc.googleusercontent.com) show less
Brute-Force
TPI-Abuse
2024-09-12 21:55:39
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 34.162.29.94 (94.29.162.34.bc.googleusercontent ... show more (mod_security) mod_security (id:225170) triggered by 34.162.29.94 (94.29.162.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 12 17:55:35.387713 2024] [security2:error] [pid 1941:tid 1941] [client 34.162.29.94:51963] [client 34.162.29.94] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.magacine.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.magacine.tv"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZuNjV5Hx9X1sKbBxGnk5fwAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-12 21:38:16
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 34.162.29.94 (94.29.162.34.bc.googleusercontent ... show more (mod_security) mod_security (id:225170) triggered by 34.162.29.94 (94.29.162.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 12 17:38:10.215892 2024] [security2:error] [pid 32120:tid 32120] [client 34.162.29.94:59442] [client 34.162.29.94] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||imbrasacademic.bridgital.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "imbrasacademic.bridgital.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZuNfQvTsCMy2_yzmU_8jRwAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-09-12 21:34:10
(3 weeks ago)
Bad Web Bot
Web App Attack
cmbplf
2024-09-12 21:33:41
(3 weeks ago)
7.886 requests to */xmlrpc.php
564 requests to */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot
applemooz
2024-09-12 21:32:32
(3 weeks ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
taivas.nl
2024-09-12 21:32:12
(3 weeks ago)
Bad_requests
Bad Web Bot
Cloudkul Cloudkul
2024-09-12 21:30:07
(3 weeks ago)
Multiple unauthorized attempts to access web resources
Brute-Force
Web App Attack
Ba-Yu
2024-09-12 21:29:32
(3 weeks ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
nextweb
2024-09-12 21:24:39
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 34.162.29.94 (US/United States/Ohio/Columbus/94 ... show more (mod_security) mod_security (id:225170) triggered by 34.162.29.94 (US/United States/Ohio/Columbus/94.29.162.34.bc.googleusercontent.com/[AS396982 GOOGLE-CLOUD-PLATFORM]): 5 in the last 3600 secs (CF_ENABLE) show less
Brute-Force
TPI-Abuse
2024-09-12 21:23:07
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 34.162.29.94 (94.29.162.34.bc.googleusercontent ... show more (mod_security) mod_security (id:225170) triggered by 34.162.29.94 (94.29.162.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 12 17:23:02.586638 2024] [security2:error] [pid 31429:tid 31429] [client 34.162.29.94:62745] [client 34.162.29.94] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||campnecon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "campnecon.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZuNbtksBTOhipbLikW2iXgAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Apache
2024-09-12 21:22:43
(3 weeks ago)
(mod_security) mod_security (id:210410) triggered by 34.162.29.94 (US/United States/94.29.162.34.bc. ... show more (mod_security) mod_security (id:210410) triggered by 34.162.29.94 (US/United States/94.29.162.34.bc.googleusercontent.com): 5 in the last 300 secs show less
Brute-Force
Web App Attack