๐ง๐ช
cmbplf
2026-07-12 16:44:01
(19 hours ago)
2.693 requests with url.path */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot
Anonymous
2026-07-12 15:35:11
(20 hours ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐บ๐ธ
lostswordfish.com
2026-07-12 15:14:03
(21 hours ago)
Wordfence waf block on lostswordfish
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-12 15:12:45
(21 hours ago)
High error rate and elevated request volume targeting cPanel servers
Bad Web Bot
๐ซ๐ท
pm33
2026-07-12 14:58:23
(21 hours ago)
Excessive crawling HTTP 404
Web App Attack
๐ฉ๐ช
pltcldvlpr
2026-07-12 14:55:45
(21 hours ago)
CMS/framework probe: 35.185.65.181 - - [12/Jul/2026:16:55:44 +0200] "GET //wp-includes/ID3/license.t ...
show more
CMS/framework probe: 35.185.65.181 - - [12/Jul/2026:16:55:44 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" asn=396982 org="Google LLC" country=US
...
show less
Web App Attack
๐บ๐ธ
juguemosalacarioca.com
2026-07-12 14:54:22
(21 hours ago)
Multiple HTTP calls attempting to GET resources using common API calls or formats on port 8080
Web App Attack
๐ต๐ฑ
TaKeN
2026-07-12 14:52:34
(21 hours ago)
Automated Wazuh local observation. Wazuh rule 31151 lvl=10 detected repeated HTTP web application pr ...
show more
Automated Wazuh local observation. Wazuh rule 31151 lvl=10 detected repeated HTTP web application probing from this source IP. Observed 1 matching blocked event(s) between 2026-07-12T16:52:34+02:00 and 2026-07-12T16:52:34+02:00. Sample requested paths: //site/wp-includes/wlwmanifest.xml.
show less
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-12 14:47:52
(21 hours ago)
(mod_security) mod_security (id:225170) triggered by 35.185.65.181 (181.65.185.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 35.185.65.181 (181.65.185.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 10:47:49.077425 2026] [security2:error] [pid 23160:tid 23160] [client 35.185.65.181:54968] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||enriquejezik.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "enriquejezik.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alOpFRHVVsj_pgXte04E8QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-07-12 14:36:00
(21 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ฉ๐ช
big-cloud.nl
2026-07-12 14:31:00
(21 hours ago)
Try to access /xmlrpc.php?rsd
Web App Attack
๐บ๐ธ
Lee Daniel
2026-07-12 14:29:21
(21 hours ago)
35.185.65.181 - - [12/Jul/2026:10:29:19 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 4 ...
show more
35.185.65.181 - - [12/Jul/2026:10:29:19 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 47911 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.185.65.181 - - [12/Jul/2026:10:29:19 -0400] "GET //2020/wp-includes/wlwmanifest.xml HTTP/1.1" 404 47915 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.185.65.181 - - [12/Jul/2026:10:29:20 -0400] "GET //2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 47917 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.185.65.181 - - [12/Jul/2026:10:29:20 -0400] "GET //2021/wp-includes/wlwmanifest.xml HTTP/1.1" 404 47908 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.185.65.181 - - [12/Jul/2026:10:29:20 -0400] "GET //shop/wp-includes/wlwmanifest.xml HTT
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 14:28:39
(21 hours ago)
(mod_security) mod_security (id:225170) triggered by 35.185.65.181 (181.65.185.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 35.185.65.181 (181.65.185.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 10:28:36.203303 2026] [security2:error] [pid 15369:tid 15384] [client 35.185.65.181:62852] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eliteproductions.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eliteproductions.tv"] [uri "/wp-json/wp/v2/users/"] [unique_id "alOklFo36yLfeSHulXvojwAAAI0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
todix
2026-07-12 14:27:23
(21 hours ago)
Web App Attack Exploid from 35.185.65.181
Web App Attack
๐ฆ๐บ
electronico
2026-07-12 14:25:36
(21 hours ago)
35.185.65.181 - - [13/Jul/2026:01:25:35 +1100] "GET //xmlrpc.php?rsd HTTP/1.1" 404 2111 "-" "Mozilla ...
show more
35.185.65.181 - - [13/Jul/2026:01:25:35 +1100] "GET //xmlrpc.php?rsd HTTP/1.1" 404 2111 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Brute-Force
Web App Attack