๐บ๐ธ
wordpresshosting.solutions
2026-07-10 10:12:32
(1 day ago)
Web brute-force / failed auth detected. Evidence: [Fri Jul 10 10:12:29.943190 2026] [access_compat:e ...
show more
Web brute-force / failed auth detected. Evidence: [Fri Jul 10 10:12:29.943190 2026] [access_compat:error] [pid 1321906] [client 136.66.214.75:0] AH01797: client denied by server configuration: [WEB_ROOT]/xmlrpc.php
[Fri Jul 10 10:12:31.232328 2026] [access_compat:error] [pid 1321906] [client 136.66.214.75:0] AH01797: client denied by server configuration: [WEB_ROOT]/xmlrpc.php
show less
Brute-Force
Web App Attack
Anonymous
2026-07-10 10:12:03
(1 day ago)
$f2bV_matches
Port Scan
Hacking
๐ฉ๐ช
ITSNF
2026-07-10 10:10:02
(1 day ago)
Blocked by os-abuseipdb; 9 hits, proto=tcp, ports=80
Port Scan
Hacking
๐บ๐ธ
kosada.com
2026-07-10 10:09:09
(1 day ago)
Web vulnerability probing: //wordpress/wp-includes/wlwmanifest.xml
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 10:07:40
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 136.66.214.75 (75.214.66.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.214.75 (75.214.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 06:07:34.484890 2026] [security2:error] [pid 29171:tid 29171] [client 136.66.214.75:53087] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||activethinkers.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "activethinkers.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "alDEZgyIDAz-L1ENa9GgOgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ipoac.nl
2026-07-10 10:05:59
(1 day ago)
ipoac.nl:443 136.66.214.75 - - [10/Jul/2026:12:05:58 +0200] ipoac.nl "GET //wp-includes/wlwmanifest. ...
show more
ipoac.nl:443 136.66.214.75 - - [10/Jul/2026:12:05:58 +0200] ipoac.nl "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 5967 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
show less
Bad Web Bot
๐ฉ๐ช
big-cloud.nl
2026-07-10 10:04:26
(1 day ago)
Try to access /xmlrpc.php?rsd
Web App Attack
๐ฎ๐น
VHosting
2026-07-10 10:00:05
(1 day ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐จ๐ญ
backslash
2026-07-10 09:51:00
(1 day ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
Anonymous
2026-07-10 09:44:24
(1 day ago)
136.66.214.75 - - [10/Jul/2026:11:44:23 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 434 " ...
show more
136.66.214.75 - - [10/Jul/2026:11:44:23 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 434 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.66.214.75 - - [10/Jul/2026:11:44:23 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 273 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.66.214.75 - - [10/Jul/2026:11:44:24 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 434 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.66.214.75 - - [10/Jul/2026:11:44:24 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 273 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
136.66.214.75 - - [10/Jul/2026:11:44:24 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 434 "-"
...
show less
Brute-Force
Web App Attack
๐ต๐ฑ
Niko's Stuff
2026-07-10 09:42:28
(1 day ago)
Triggered crowdsecurity/http-probing. More information at: https://app.crowdsec.net/cti/136.66.214.7 ...
show more
Triggered crowdsecurity/http-probing. More information at: https://app.crowdsec.net/cti/136.66.214.75
show less
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-10 09:40:18
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 136.66.214.75 (75.214.66.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.214.75 (75.214.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 05:40:14.392933 2026] [security2:error] [pid 17421:tid 17441] [client 136.66.214.75:56770] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aafm.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aafm.us"] [uri "/wp-json/wp/v2/users/"] [unique_id "alC9_uvOnUtdepwcJQ3XzQAAAQ8"]
show less
Brute-Force
Bad Web Bot
Web App Attack