π§πͺ
taivas.nl
2026-07-08 04:32:37
(4 hours ago)
Many_bad_calls
Web App Attack
π§πͺ
cmbplf
2026-07-07 15:37:34
(17 hours ago)
24.344 requests with url.path //xmlrpc.php
24.219 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
π©πͺ
Carsten
2026-07-07 13:44:58
(19 hours ago)
GET [blog/wp-includes/wlwmanifest.xml]
Port Scan
π§πͺ
taivas.nl
2026-07-07 13:32:10
(19 hours ago)
Bad_requests
Bad Web Bot
π³πΏ
Antinson
2026-07-07 13:31:49
(19 hours ago)
Scraping with a high error ratio and request rate
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-07 13:14:01
(19 hours ago)
(mod_security) mod_security (id:225170) triggered by 136.66.231.213 (213.231.66.136.bc.googleusercon ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.231.213 (213.231.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 09:13:55.301791 2026] [security2:error] [pid 20218:tid 20218] [client 136.66.231.213:62743] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.jennyfiore.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.jennyfiore.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akz7kz5TMIx8ZzqrkLjCygAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π΄
Bots.go.to.hell
2026-07-07 13:12:30
(19 hours ago)
This IP was detected by CrowdSec triggering custom/ip-honeypot
Web App Attack
Bad Web Bot
π©πͺ
BlueWire Hosting
2026-07-07 13:11:53
(19 hours ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
π¨π
zynex
2026-07-07 13:11:42
(19 hours ago)
URL Probing: /wp1/wp-includes/wlwmanifest.xml
Web App Attack
πΊπΈ
lavnet.net
2026-07-07 13:01:08
(19 hours ago)
136.66.231.213 - - [07/Jul/2026:13:01:07 +0000] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 2083 ...
show more
136.66.231.213 - - [07/Jul/2026:13:01:07 +0000] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 2083 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.231.213 - - [07/Jul/2026:13:01:07 +0000] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 2083 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.231.213 - - [07/Jul/2026:13:01:07 +0000] "GET /feed/ HTTP/1.1" 404 2083 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.231.213 - - [07/Jul/2026:13:01:07 +0000] "GET /feed/ HTTP/1.1" 404 2083 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.231.213 - - [07/Jul/2026:13:01:07 +0000] "GET /xmlrpc.php?rsd HTTP/1.1" 404 2083 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (K
...
show less
Brute-Force
π©πͺ
ghostwarriors
2026-07-07 12:50:13
(19 hours ago)
Attempts against non-existent wp-login
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 12:49:51
(19 hours ago)
(mod_security) mod_security (id:225170) triggered by 136.66.231.213 (213.231.66.136.bc.googleusercon ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.231.213 (213.231.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 08:49:44.580754 2026] [security2:error] [pid 12827:tid 12827] [client 136.66.231.213:52801] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ipv6.whodatnation.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ipv6.whodatnation.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akz16C1eRaWykx_T9OZCvwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
ipoac.nl
2026-07-07 12:45:09
(20 hours ago)
ipoac.nl:443 136.66.231.213 - - [07/Jul/2026:14:45:08 +0200] ipoac.nl "GET //xmlrpc.php?rsd HTTP/1.1 ...
show more
ipoac.nl:443 136.66.231.213 - - [07/Jul/2026:14:45:08 +0200] ipoac.nl "GET //xmlrpc.php?rsd HTTP/1.1" 403 2001 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Bad Web Bot
Anonymous
2026-07-07 12:44:44
(20 hours ago)
136.66.231.213 - - [07/Jul/2026:14:44:41 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 567 ...
show more
136.66.231.213 - - [07/Jul/2026:14:44:41 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.231.213 - - [07/Jul/2026:14:44:42 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.231.213 - - [07/Jul/2026:14:44:43 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.231.213 - - [07/Jul/2026:14:44:43 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.231.213 - - [07/Jul/2026:14:44:43 +0200] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 40
...
show less
Brute-Force
Web App Attack
π©πͺ
Ba-Yu
2026-07-07 12:44:41
(20 hours ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack