Ba-Yu
2024-10-10 03:22:09
(23 hours ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
wnbhosting.dk
2024-10-09 22:11:54
(1 day ago)
WP xmlrpc [2024-10-10T00:11:54+02:00]
Hacking
Web App Attack
rtbh.com.tr
2024-09-30 20:54:09
(1 week ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
Anonymous
2024-09-30 06:01:32
(1 week ago)
apache-auth
Brute-Force
Web App Attack
TPI-Abuse
2024-09-30 05:50:15
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 54.198.130.203 (ec2-54-198-130-203.compute-1.am ... show more (mod_security) mod_security (id:240335) triggered by 54.198.130.203 (ec2-54-198-130-203.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 30 01:50:08.108379 2024] [security2:error] [pid 12960:tid 13072] [client 54.198.130.203:52796] [client 54.198.130.203] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 54.198.130.203 (+1 hits since last alert)|bogl.no|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bogl.no"] [uri "/xmlrpc.php"] [unique_id "Zvo8EJm3uzqud2C9sL96_AAAAhg"] show less
Brute-Force
Bad Web Bot
Web App Attack
wnbhosting.dk
2024-09-29 21:16:45
(1 week ago)
WP xmlrpc [2024-09-29T23:16:45+02:00]
Hacking
Web App Attack
polycoda
2024-09-29 12:36:51
(1 week ago)
🔑 Wordpress login brute force attempt
Hacking
Web App Attack
wnbhosting.dk
2024-09-27 14:49:03
(1 week ago)
WP xmlrpc [2024-09-27T16:49:03+02:00]
Hacking
Web App Attack
wnbhosting.dk
2024-09-26 23:52:43
(2 weeks ago)
WP xmlrpc [2024-09-27T01:52:43+02:00]
Hacking
Web App Attack
ipoac.nl
2024-09-26 13:51:11
(2 weeks ago)
2024-09-26T15:51:11.122532+02:00 ipoac.nl wordpress(***)[1608593]: XML-RPC authentication failure fo ... show more 2024-09-26T15:51:11.122532+02:00 ipoac.nl wordpress(***)[1608593]: XML-RPC authentication failure for***from 54.198.130.203 show less
Web App Attack
Swiptly
2024-09-26 00:12:55
(2 weeks ago)
WordPress xmlrpc spam or enumeration
...
Web Spam
Bad Web Bot
Web App Attack
Anonymous
2024-09-25 20:58:27
(2 weeks ago)
apache-wordpress-login
Brute-Force
Web App Attack
TPI-Abuse
2024-09-24 20:51:12
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 54.198.130.203 (ec2-54-198-130-203.compute-1.am ... show more (mod_security) mod_security (id:225170) triggered by 54.198.130.203 (ec2-54-198-130-203.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 16:51:05.570267 2024] [security2:error] [pid 3526:tid 3526] [client 54.198.130.203:38994] [client 54.198.130.203] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nomorenicenice.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nomorenicenice.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ZvMmOY3FsBwryy2X5D1bJwAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-24 19:22:52
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 54.198.130.203 (ec2-54-198-130-203.compute-1.am ... show more (mod_security) mod_security (id:225170) triggered by 54.198.130.203 (ec2-54-198-130-203.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 15:22:49.180308 2024] [security2:error] [pid 11639:tid 11639] [client 54.198.130.203:51168] [client 54.198.130.203] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||genevainvestors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "genevainvestors.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZvMRiYbJOl-m0mArUrCCPwAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-24 17:30:47
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 54.198.130.203 (ec2-54-198-130-203.compute-1.am ... show more (mod_security) mod_security (id:225170) triggered by 54.198.130.203 (ec2-54-198-130-203.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 13:30:40.173902 2024] [security2:error] [pid 32504:tid 32510] [client 54.198.130.203:54092] [client 54.198.130.203] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||illianaphotobooth.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "illianaphotobooth.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZvL3QCOuFCimjMXe005lwAAAAEM"] show less
Brute-Force
Bad Web Bot
Web App Attack