Anonymous
2026-06-29 20:19:08
(1 week ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-29 12:48:04
(1 week ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-06-29 12:46:25
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 104.199.50.32 (32.50.199.104.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 104.199.50.32 (32.50.199.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 08:46:22.654192 2026] [security2:error] [pid 8112:tid 8138] [client 104.199.50.32:51387] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ennerdalebridge.com.aafm.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ennerdalebridge.com.aafm.us"] [uri "/wp-json/wp/v2/users/"] [unique_id "akJpHv58dP0jz_p6n7i6sgAAANg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-06-29 12:42:00
(1 week ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ฉ๐ช
hbrks
2026-06-29 12:30:39
(1 week ago)
23 attack(s) detected, such as these: {"event":"web_block","ip":"104.199.50.32","host":"supa.marche- ...
show more
23 attack(s) detected, such as these: {"event":"web_block","ip":"104.199.50.32","host":"supa.marche-be.com","request":"","user_agent":"","reason":"Status-0","timestamp":"2026-06-29T12:30:39 00:00","logentry":"supa.marche-be.com 104.199.50.32 - - [29/Jun/2026:12:30:39 0000] \"\" 400 0 \"-\" \"-\" \"-\""} * Report Details *: https://p4u.xyz/9VGCVY3DYDF/1* IP Details *: https://p4u.xyz/9VGCVY3DYDF/2
show less
Web Spam
Hacking
Bad Web Bot
Anonymous
2026-06-29 12:28:07
(1 week ago)
Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 12:23:22
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 104.199.50.32 (32.50.199.104.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 104.199.50.32 (32.50.199.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 08:23:15.298179 2026] [security2:error] [pid 20476:tid 20476] [client 104.199.50.32:64640] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pastorjohndunning.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pastorjohndunning.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akJjs3IENjmBS1wK9uezQgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐พ
lns.bz
2026-06-29 12:19:59
(1 week ago)
Too many 404 requests [BY]
Web App Attack
๐ซ๐ฎ
Christopher Hughes
2026-06-29 12:17:35
(1 week ago)
wp-includes scan
Web App Attack
๐ฉ๐ช
BlueWire Hosting
2026-06-29 12:11:15
(1 week ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
๐ซ๐ท
dynamix
2026-06-29 12:10:21
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 12:07:46
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 104.199.50.32 (32.50.199.104.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 104.199.50.32 (32.50.199.104.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 08:07:40.588771 2026] [security2:error] [pid 19292:tid 19292] [client 104.199.50.32:60531] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aimer.es|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aimer.es"] [uri "/wp-json/wp/v2/users/"] [unique_id "akJgDG4bjND9qyaKIFyg2gAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
on-com
2026-06-29 12:06:55
(1 week ago)
URL scan
Brute-Force
Web App Attack
๐ท๐บ
DZBOT
2026-06-29 12:06:44
(1 week ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2026-06-29 12:05:57
(1 week ago)
[redacted] 104.199.50.32 - - [29/Jun/2026:14:05:51 +0200] "POST //xmlrpc.php HTTP/1.1" 403 416 "-" " ...
show more
[redacted] 104.199.50.32 - - [29/Jun/2026:14:05:51 +0200] "POST //xmlrpc.php HTTP/1.1" 403 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 104.199.50.32 - - [29/Jun/2026:14:05:53 +0200] "POST //xmlrpc.php HTTP/1.1" 403 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 104.199.50.32 - - [29/Jun/2026:14:05:54 +0200] "POST //xmlrpc.php HTTP/1.1" 403 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 104.199.50.32 - - [29/Jun/2026:14:05:55 +0200] "POST //xmlrpc.php HTTP/1.1" 403 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 104.199.50.32 - - [29/Jun/2026:14:05:56 +0200] "POST //xmlrpc.php HTTP/1.1" 403 416 "-" "Mozilla/5.0 (Windo
...
show less
Hacking
Web App Attack