๐ซ๐ท
SpaceHost-Server
2026-07-01 22:34:33
(5 days ago)
Brute-Force
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-01 15:59:42
(5 days ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-01 15:39:22
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 136.66.30.132 (132.30.66.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.30.132 (132.30.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 11:39:15.115882 2026] [security2:error] [pid 25123:tid 25123] [client 136.66.30.132:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||chiloiangallery.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "chiloiangallery.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akU0o57y0kKcTuDLXxN-OgAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-01 15:28:27
(5 days ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 15:22:51
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 136.66.30.132 (132.30.66.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.30.132 (132.30.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 11:22:45.284866 2026] [security2:error] [pid 24412:tid 24412] [client 136.66.30.132:58526] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bonnesfrequences.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bonnesfrequences.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akUwxRm6ygrig3fWYN4V4gAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
macrob
2026-07-01 15:14:24
(5 days ago)
2026/07/01 15:14:22 [error] 801445#801445: *343369808 access forbidden by rule, client: 136.66.30.13 ...
show more
2026/07/01 15:14:22 [error] 801445#801445: *343369808 access forbidden by rule, client: 136.66.30.132, server: binofferes.com, request: "GET //wp-includes/ID3/license.txt HTTP/1.1", host: "binofferes.com"
2026/07/01 15:14:23 [error] 801445#801445: *343369808 access forbidden by rule, client: 136.66.30.132, server: binofferes.com, request: "GET //xmlrpc.php?rsd HTTP/1.1", host: "binofferes.com"
2026/07/01 15:14:23 [error] 801445#801445: *343369808 access forbidden by rule, client: 136.66.30.132, server: binofferes.com, request: "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1", host: "binofferes.com"
...
show less
Web App Attack
๐บ๐ธ
Victor Lรณpez
2026-07-01 15:02:36
(5 days ago)
vpardilalaw.com 136.66.30.132 - - [01/Jul/2026:10:02:34 -0500] "GET //xmlrpc.php?rsd HTTP/1.1" 200 3 ...
show more
vpardilalaw.com 136.66.30.132 - - [01/Jul/2026:10:02:34 -0500] "GET //xmlrpc.php?rsd HTTP/1.1" 200 3205 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
vpardilalaw.com 136.66.30.132 - - [01/Jul/2026:10:02:35 -0500] "POST //xmlrpc.php HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
vpardilalaw.com 136.66.30.132 - - [01/Jul/2026:10:02:35 -0500] "POST //xmlrpc.php HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Hacking
Web App Attack
๐ฉ๐ช
konseptit
2026-07-01 14:54:16
(5 days ago)
(wordpress) Failed wordpress login from 136.66.30.132 (US/United States/132.30.66.136.bc.googleuserc ...
show more
(wordpress) Failed wordpress login from 136.66.30.132 (US/United States/132.30.66.136.bc.googleusercontent.com)
show less
Brute-Force
๐ฎ๐น
VHosting
2026-07-01 14:45:05
(5 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
Anonymous
2026-07-01 14:44:59
(5 days ago)
136.66.30.132 - - [01/Jul/2026:16:44:58 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 438 " ...
show more
136.66.30.132 - - [01/Jul/2026:16:44:58 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.30.132 - - [01/Jul/2026:16:44:59 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.30.132 - - [01/Jul/2026:16:44:59 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.30.132 - - [01/Jul/2026:16:44:59 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.30.132 - - [01/Jul/2026:16:44:59 +0200] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 438
...
show less
Brute-Force
Web App Attack
๐ซ๐ท
Baking333
2026-07-01 14:42:58
(5 days ago)
[redacted] 136.66.30.132 - - [01/Jul/2026:15:42:55 +0100] "GET //wp-includes/ID3/[redacted] HTTP/1.1 ...
show more
[redacted] 136.66.30.132 - - [01/Jul/2026:15:42:55 +0100] "GET //wp-includes/ID3/[redacted] HTTP/1.1" 302 6783 0/51417 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" [redacted] 136.66.30.132 - - [01/Jul/2026:15:42:57 +0100] "GET /[redacted]?rsd HTTP/1.1" 302 1564 0/81785 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 14:42:46
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 136.66.30.132 (132.30.66.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.30.132 (132.30.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 10:42:42.866418 2026] [security2:error] [pid 10323:tid 10323] [client 136.66.30.132:55929] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ubuciko.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ubuciko.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akUnYk6jLbnydw8QD4gJKQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack