๐บ๐ธ
TPI-Abuse
2026-07-06 05:15:57
(1 hour ago)
(mod_security) mod_security (id:225170) triggered by 195.210.105.216 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 195.210.105.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:15:51.387942 2026] [security2:error] [pid 10963:tid 10963] [client 195.210.105.216:45463] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.circleofsound.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.circleofsound.org"] [uri "/wp-includes/id3/license.txt/wp-json/wp/v2/users/"] [unique_id "aks6B9ZM8sdpzJpIEUAgHwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Dolphi
2026-07-06 00:40:30
(6 hours ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐ง๐ท
dominioz
2026-07-06 00:12:55
(7 hours ago)
2026-07-06 00:08:13 POST /xmlrpc.php - - 195.210.105.216 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win6 ...
show more
2026-07-06 00:08:13 POST /xmlrpc.php - - 195.210.105.216 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/95.0.4638.69+Safari/537.36 - 200 648
2026-07-06 00:11:41 POST /xmlrpc.php - - 195.210.105.216 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/95.0.4638.69+Safari/537.36 - 200 648
2026-07-06 00:11:59 POST /xmlrpc.php - - 195.210.105.216 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/95.0.4638.69+Safari/537.36 - 200 648
2026-07-06 00:12:27 POST /xmlrpc.php - - 195.210.105.216 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/95.0.4638.69+Safari/537.36 - 200 648
...
show less
Web App Attack
๐ง๐ช
cmbplf
2026-07-05 23:51:53
(7 hours ago)
228 requests with url.path */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-05 19:58:19
(11 hours ago)
(mod_security) mod_security (id:225170) triggered by 195.210.105.216 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 195.210.105.216 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 15:58:12.640479 2026] [security2:error] [pid 23236:tid 23236] [client 195.210.105.216:50403] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.xcarsubscription.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.xcarsubscription.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akq3VNoUdKVRMcec7z3gzQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-07-05 17:12:00
(14 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ซ๐ฎ
YF
2026-07-05 17:00:41
(14 hours ago)
WordPress author enumeration
Web App Attack
๐ซ๐ท
dynamix
2026-07-05 14:45:00
(16 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฌ๐ง
Apache
2026-07-05 13:22:07
(17 hours ago)
(mod_security) mod_security (id:210410) triggered by 195.210.105.216 (US/United States/-): 5 in the ...
show more
(mod_security) mod_security (id:210410) triggered by 195.210.105.216 (US/United States/-): 5 in the last 300 secs (CF_ENABLE)
show less
Brute-Force
Web App Attack
Anonymous
2026-07-05 12:50:14
(18 hours ago)
195.210.105.216 - - [05/Jul/2026:14:50:13 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 281 ...
show more
195.210.105.216 - - [05/Jul/2026:14:50:13 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 28145 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
195.210.105.216 - - [05/Jul/2026:14:50:13 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 27891 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
195.210.105.216 - - [05/Jul/2026:14:50:14 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 28145 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
195.210.105.216 - - [05/Jul/2026:14:50:14 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 27891 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
195.210.105.216 - - [05/Jul/2026:14:50:14 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-05 11:37:24
(19 hours ago)
Try to access /xmlrpc.php?rsd
Web App Attack
Anonymous
2026-07-05 11:06:05
(20 hours ago)
Trying to access config files
Web App Attack
๐ฉ๐ช
LRob
2026-06-03 03:30:07
(1 month ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack