๐ณ๐ฑ
Site.eu
2026-07-02 01:46:46
(5 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
SpaceHost-Server
2026-07-01 22:34:35
(6 days ago)
Brute-Force
Web App Attack
๐ณ๐ฑ
Savvii
2026-07-01 09:22:25
(6 days ago)
10 attempts against mh-misc-ban on frost
Web App Attack
๐ฎ๐ฑ
Dolphi
2026-07-01 09:20:03
(6 days ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 08:54:11
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 136.66.90.113 (113.90.66.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.90.113 (113.90.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:54:07.628502 2026] [security2:error] [pid 18303:tid 18303] [client 136.66.90.113:57548] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.keychainfilms.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.keychainfilms.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akTVr9H_9yGay2LKtd4kigAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 08:46:04
(6 days ago)
Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ฎ๐น
VHosting
2026-07-01 08:40:03
(6 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ง๐ฌ
HighWay
2026-07-01 08:38:25
(6 days ago)
136.66.90.113 - - [01/Jul/2026:08:38:21 +0000] "POST //xmlrpc.php HTTP/1.1" 200 755 "-" "Mozilla/5.0 ...
show more
136.66.90.113 - - [01/Jul/2026:08:38:21 +0000] "POST //xmlrpc.php HTTP/1.1" 200 755 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.90.113 - - [01/Jul/2026:08:38:22 +0000] "POST //xmlrpc.php HTTP/1.1" 200 755 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.90.113 - - [01/Jul/2026:08:38:23 +0000] "POST //xmlrpc.php HTTP/1.1" 200 755 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 08:37:35
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 136.66.90.113 (113.90.66.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.90.113 (113.90.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:37:27.959157 2026] [security2:error] [pid 31356:tid 31356] [client 136.66.90.113:55165] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.davesievers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.davesievers.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akTRx-mBIwyiHfuebWkh4wAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 08:36:10
(6 days ago)
Attac
Brute-Force
๐ณ๐ฑ
Savvii
2026-07-01 08:31:22
(6 days ago)
10 attempts against mh-misc-ban on kiwi
Web App Attack
๐ฉ๐ช
macrob
2026-07-01 08:29:42
(6 days ago)
2026/07/01 08:29:38 [error] 801445#801445: *342667548 access forbidden by rule, client: 136.66.90.11 ...
show more
2026/07/01 08:29:38 [error] 801445#801445: *342667548 access forbidden by rule, client: 136.66.90.113, server: behemoti.com, request: "GET //wp-includes/ID3/license.txt HTTP/2.0", host: "behemoti.com"
2026/07/01 08:29:40 [error] 801444#801444: *342667634 access forbidden by rule, client: 136.66.90.113, server: behemoti.com, request: "GET //xmlrpc.php?rsd HTTP/2.0", host: "behemoti.com"
2026/07/01 08:29:41 [error] 801444#801444: *342667658 access forbidden by rule, client: 136.66.90.113, server: behemoti.com, request: "GET //blog/wp-includes/wlwmanifest.xml HTTP/2.0", host: "behemoti.com"
...
show less
Web App Attack