|
๐ฌ๐ง
AvonleaConsulting
|
|
Attempts to probe web pages for vulnerable PHP or other applications
|
Web App Attack
|
|
|
Anonymous
|
|
Web attack blocked by Wordfence on cuypersinvalkenburg.nl (11 hits). Reported by CRMON.
|
Web App Attack
|
|
|
๐ฉ๐ช
ISPLtd
|
|
135.119.38.32 [02/Jul/2026:18:38:52 -0300] armadilloservices.ca:443 URL:/xmlrpc.php "POST /xmlrpc.ph ...
show more
135.119.38.32 [02/Jul/2026:18:38:52 -0300] armadilloservices.ca:443 URL:/xmlrpc.php "POST /xmlrpc.php
135.119.38.32 [02/Jul/2026:18:38:52 -0300] victaxes.ca:443 URL:/xmlrpc.php "GET //xmlrpc.php
...
show less
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 135.119.38.32 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 135.119.38.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 17:29:42.605704 2026] [security2:error] [pid 23763:tid 23763] [client 135.119.38.32:45943] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||register-yacht-belgium.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "register-yacht-belgium.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akbYRk_-wMO2nKPy8tCwAQAAABg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ณ๐ฑ
MM-bot
|
|
URL-probe: HTTP/1.1 GET request on /wp-json/wp/v2/users/ (2026-07-02 23:25:10 UTC+2)
|
Web App Attack
Hacking
|
|
|
๐ฉ๐ช
ghostwarriors
|
|
Webpage scraping
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
ksol-hostmaster
|
|
2026/07/02 23:02:33 [error] 35069#102195: *863057 access forbidden by rule, client: 135.119.38.32, s ...
show more
2026/07/02 23:02:33 [error] 35069#102195: *863057 access forbidden by rule, client: 135.119.38.32, server: revolutionbim.com, request: "POST /xmlrpc.php HTTP/1.1", host: "revolutionbim.com"
...
show less
|
Web Spam
|
|
|
๐ฌ๐ง
AvonleaConsulting
|
|
Scanning unused Default website or suspicious access to valid sites from IP marked as abusive
|
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
rh24
|
|
(wordpress) Failed wordpress login from 135.119.38.32 (US/United States/-): (CF_ENABLE)
|
Brute-Force
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 135.119.38.32 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 135.119.38.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 16:45:26.508030 2026] [security2:error] [pid 5992:tid 5992] [client 135.119.38.32:45128] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||slmd.me|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "slmd.me"] [uri "/wp-json/wp/v2/users/"] [unique_id "akbN5vFCg2qn8wpmM2MrxQAAAAQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
135.119.38.32 - - [02/Jul/2026:20:33:19 +0000] "GET /wp-json/wp/v2/users/ HTTP/1.1" 404 2819 "-" "Mo ...
show more
135.119.38.32 - - [02/Jul/2026:20:33:19 +0000] "GET /wp-json/wp/v2/users/ HTTP/1.1" 404 2819 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 OPR/110.0.0.0"
...
show less
|
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
FeG Deutschland
|
|
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 27
|
Exploited Host
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 135.119.38.32 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 135.119.38.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 16:01:12.538003 2026] [security2:error] [pid 22515:tid 22515] [client 135.119.38.32:44174] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||winbayfire.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "winbayfire.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akbDiKFB3sqv472nqVFsWQAAAHQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
dbmwebdesign
|
|
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
|
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 135.119.38.32 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 135.119.38.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 14:59:07.334635 2026] [security2:error] [pid 4558:tid 4558] [client 135.119.38.32:44552] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||afjm.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "afjm.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "aka0-4xG77SExf4f2f4LNgAAABk"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|