๐ง๐ช
cmbplf
2026-07-15 15:21:32
(13 hours ago)
5.198 requests with url.path //xmlrpc.php
5.101 requests with url.path */xmlrpc.php
365 requests ...
show more
5.198 requests with url.path //xmlrpc.php
5.101 requests with url.path */xmlrpc.php
365 requests with url.path */wp-includes/wlwmanifest.xml
show less
Brute-Force
Bad Web Bot
๐ฎ๐น
VHosting
2026-07-15 13:40:03
(15 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
Anonymous
2026-07-15 13:39:51
(15 hours ago)
[redacted] 34.76.67.145 - - [15/Jul/2026:15:39:36 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "M ...
show more
[redacted] 34.76.67.145 - - [15/Jul/2026:15:39:36 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.76.67.145 - - [15/Jul/2026:15:39:37 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.76.67.145 - - [15/Jul/2026:15:39:39 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.76.67.145 - - [15/Jul/2026:15:39:40 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 34.76.67.145 - - [15/Jul/2026:15:39:41 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Moz
...
show less
Hacking
Web App Attack
๐ฉ๐ช
Marc
2026-07-15 13:36:01
(15 hours ago)
34.76.67.145 - - [15/Jul/2026:15:35:58 +0200] "POST //xmlrpc.php HTTP/1.1" 200 1030 "-" "Mozilla/5.0 ...
show more
34.76.67.145 - - [15/Jul/2026:15:35:58 +0200] "POST //xmlrpc.php HTTP/1.1" 200 1030 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 34.76.67.145 - - [15/Jul/2026:15:35:59 +0200] "POST //xmlrpc.php HTTP/1.1" 200 4863 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 34.76.67.145 - - [15/Jul/2026:15:36:00 +0200] "POST //xmlrpc.php HTTP/1.1" 200 4863 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
show less
Brute-Force
Web App Attack
๐บ๐ธ
nyt
2026-07-15 13:34:07
(15 hours ago)
Empty UA + error, WP Author Enumeration
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 13:32:29
(15 hours ago)
(mod_security) mod_security (id:225170) triggered by 34.76.67.145 (145.67.76.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.76.67.145 (145.67.76.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 09:32:26.093965 2026] [security2:error] [pid 5490:tid 5582] [client 34.76.67.145:53481] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||greencitymethods.philacentric.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "greencitymethods.philacentric.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aleL6t0ljk8dRBfwi2hJyAAAAco"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 13:30:48
(15 hours ago)
34.76.67.145 - - [15/Jul/2026:15:30:48 +0200] "GET /product-category/marke/blackline-2-0//wp-include ...
show more
34.76.67.145 - - [15/Jul/2026:15:30:48 +0200] "GET /product-category/marke/blackline-2-0//wp-includes/ HTTP/1.1" 301 5 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
show less
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-15 13:30:11
(15 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack
๐ท๐บ
DZBOT
2026-07-15 12:54:12
(16 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack