๐ง๐ช
cmbplf
2026-07-15 17:29:32
(4 hours ago)
4.118 requests with url.path */xmlrpc.php
4.006 requests with url.path //xmlrpc.php
481 requests ...
show more
4.118 requests with url.path */xmlrpc.php
4.006 requests with url.path //xmlrpc.php
481 requests with url.path */wp-includes/wlwmanifest.xml
show less
Brute-Force
Bad Web Bot
๐บ๐ธ
mnsf
2026-07-15 15:05:40
(7 hours ago)
Too many Status 40X (18)
Brute-Force
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-15 15:04:39
(7 hours ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐ซ๐ฎ
YF
2026-07-15 15:01:36
(7 hours ago)
WordPress author enumeration
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-15 14:45:05
(7 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-07-15 14:40:09
(7 hours ago)
[redacted] 34.24.153.212 - - [15/Jul/2026:16:40:02 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" " ...
show more
[redacted] 34.24.153.212 - - [15/Jul/2026:16:40:02 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.24.153.212 - - [15/Jul/2026:16:40:03 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.24.153.212 - - [15/Jul/2026:16:40:03 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.24.153.212 - - [15/Jul/2026:16:40:04 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.24.153.212 - - [15/Jul/2026:16:40:05 +0200] "POST
...
show less
Hacking
Web App Attack
๐บ๐ธ
wordpresshosting.solutions
2026-07-15 14:37:32
(7 hours ago)
Web brute-force / failed auth detected. Evidence: [Wed Jul 15 14:37:30.529589 2026] [access_compat:e ...
show more
Web brute-force / failed auth detected. Evidence: [Wed Jul 15 14:37:30.529589 2026] [access_compat:error] [pid 2276337] [client 34.24.153.212:0] AH01797: client denied by server configuration: [WEB_ROOT]/xmlrpc.php
[Wed Jul 15 14:37:32.160742 2026] [access_compat:error] [pid 2276337] [client 34.24.153.212:0] AH01797: client denied by server configuration: [WEB_ROOT]/xmlrpc.php
show less
Brute-Force
Web App Attack
๐ฉ๐ช
konseptit
2026-07-15 14:36:36
(7 hours ago)
(wordpress) Failed wordpress login from 34.24.153.212 (US/United States/212.153.24.34.bc.googleuserc ...
show more
(wordpress) Failed wordpress login from 34.24.153.212 (US/United States/212.153.24.34.bc.googleusercontent.com)
show less
Brute-Force
๐ฌ๐ง
Mendip_Defender
2026-07-15 14:35:18
(7 hours ago)
34.24.153.212 - - [15/Jul/2026:15:35:07 +0100] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 6557 ...
show more
34.24.153.212 - - [15/Jul/2026:15:35:07 +0100] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 6557 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.24.153.212 - - [15/Jul/2026:15:35:07 +0100] "GET //xmlrpc.php?rsd HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.24.153.212 - - [15/Jul/2026:15:35:07 +0100] "GET //wp-json/wp/v2/users/ HTTP/1.1" 403 6556 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
...
show less
Hacking
Web App Attack
Anonymous
2026-07-15 14:32:23
(7 hours ago)
34.24.153.212 - - [15/Jul/2026:16:32:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 591 "-" "Mozilla/5.0 ...
show more
34.24.153.212 - - [15/Jul/2026:16:32:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 591 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.24.153.212 - - [15/Jul/2026:16:32:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.24.153.212 - - [15/Jul/2026:16:32:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 591 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.24.153.212 - - [15/Jul/2026:16:32:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.24.153.212 - - [15/Jul/2026:16:32:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 591 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
masterguru
2026-07-15 14:30:19
(7 hours ago)
WordPress: User enumeration. Pattern match "(author\\\\= (88030-169)
Hacking
๐ฉ๐ช
grassau.com
2026-07-15 14:30:07
(7 hours ago)
(wordpress) Failed wordpress login from 34.24.153.212 (US/United States/South Carolina/North Charles ...
show more
(wordpress) Failed wordpress login from 34.24.153.212 (US/United States/South Carolina/North Charleston/212.153.24.34.bc.googleusercontent.com)
show less
Brute-Force
๐ฎ๐น
VHosting
2026-07-15 14:30:03
(7 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 14:29:56
(7 hours ago)
(mod_security) mod_security (id:225170) triggered by 34.24.153.212 (212.153.24.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.24.153.212 (212.153.24.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 10:29:50.201316 2026] [security2:error] [pid 5490:tid 5595] [client 34.24.153.212:52915] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||vinylnotespodcast.com.104ventures.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vinylnotespodcast.com.104ventures.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aleZXt0ljk8dRBfwi2hPawAAAdU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
maxpower
2026-07-15 14:29:41
(7 hours ago)
(nginx_hardened) REGOLA 3 - Nginx Hardening Triggered 34.24.153.212 (US/United States/212.153.24.34. ...
show more
(nginx_hardened) REGOLA 3 - Nginx Hardening Triggered 34.24.153.212 (US/United States/212.153.24.34.bc.googleusercontent.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 34.24.153.212 - - [15/Jul/2026:16:29:34 +0200] "GET //xmlrpc.php?rsd HTTP/2.0" 403 129 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "34.24.153.212" host=villapardi.it
2026/07/15 16:29:35 [error] 3907611#3907611: *525640 access forbidden by rule, client: 34.24.153.212, server: villapardi.it, request: "GET //?author=1 HTTP/2.0", host: "villapardi.it"
2026/07/15 16:29:35 [error] 3907611#3907611: *525640 access forbidden by rule, client: 34.24.153.212, server: villapardi.it, request: "GET //?author=2 HTTP/2.0", host: "villapardi.it"
show less
Port Scan