๐ช๐ธ
antivoid.xyz
2026-07-07 14:45:03
(1 day ago)
Brute-Force
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-07 14:41:00
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
brightenfield
2026-07-07 14:39:40
(1 day ago)
Web App Attack
Web App Attack
๐ธ๐ฌ
anotherwatcher
2026-07-07 14:34:18
(1 day ago)
bad bot
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-07 14:33:47
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 136.66.21.63 (63.21.66.136.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.21.63 (63.21.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 10:33:40.888004 2026] [security2:error] [pid 11373:tid 11382] [client 136.66.21.63:64211] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.wp.havacubvision.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wp.havacubvision.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ak0ORD7EdR9G_loOnMs1aQAAAMc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 14:33:06
(1 day ago)
Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-07 14:31:29
(1 day ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 136.66.21.63 (US/United States/63.2 ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 136.66.21.63 (US/United States/63.21.66.136.bc.googleusercontent.com): 1 in the last 3600 secs
show less
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-07 14:27:36
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฌ๐ง
Apache
2026-07-07 14:26:28
(1 day ago)
(mod_security) mod_security (id:210410) triggered by 136.66.21.63 (US/United States/63.21.66.136.bc. ...
show more
(mod_security) mod_security (id:210410) triggered by 136.66.21.63 (US/United States/63.21.66.136.bc.googleusercontent.com): 5 in the last 300 secs (CF_ENABLE)
show less
Brute-Force
Web App Attack
๐ฎ๐ฑ
Dolphi
2026-07-07 14:20:04
(1 day ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 14:13:44
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 136.66.21.63 (63.21.66.136.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.21.63 (63.21.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 10:13:38.708899 2026] [security2:error] [pid 2983:tid 2983] [client 136.66.21.63:50547] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||solporpoise.com.herston.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "solporpoise.com.herston.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "ak0Jkq0wt-0EUsNZH9CaWwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-07 14:11:05
(1 day ago)
Try to access /xmlrpc.php?rsd
Web App Attack
๐ณ๐ด
Bots.go.to.hell
2026-07-07 14:07:42
(1 day ago)
This IP was detected by CrowdSec triggering custom/ip-honeypot
Web App Attack
Bad Web Bot
๐บ๐ธ
infra-monitor
2026-07-07 14:00:04
(1 day ago)
Automated ban via infra-monitor: wp-sensitive-paths, wordpress-probe
Web App Attack
Anonymous
2026-07-07 13:52:18
(1 day ago)
136.66.21.63 - - [07/Jul/2026:15:52:17 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 436 "- ...
show more
136.66.21.63 - - [07/Jul/2026:15:52:17 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 436 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.66.21.63 - - [07/Jul/2026:15:52:17 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 287 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.66.21.63 - - [07/Jul/2026:15:52:18 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 436 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.66.21.63 - - [07/Jul/2026:15:52:18 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 287 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.66.21.63 - - [07/Jul/2026:15:52:18 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 436 "-" "Moz
...
show less
Brute-Force
Web App Attack