๐ซ๐ท
Catalin Negru
2026-07-11 07:38:04
(4 days ago)
Recidive ban by fail2ban on server.blackbit.ro
Brute-Force
๐จ๐ฆ
zXero
2026-07-09 11:01:44
(6 days ago)
Fail2Ban automatic report - jail: no-wordpress
Brute-Force
SSH
DDoS Attack
๐ซ๐ท
SpaceHost-Server
2026-07-07 22:33:44
(1 week ago)
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-07 13:29:54
(1 week ago)
107.361 requests with url.path //xmlrpc.php
107.327 requests with url.path */xmlrpc.php
4.599 req ...
show more
107.361 requests with url.path //xmlrpc.php
107.327 requests with url.path */xmlrpc.php
4.599 requests with url.path */wp-includes/wlwmanifest.xml
show less
Brute-Force
Bad Web Bot
๐ณ๐ฟ
Antinson
2026-07-07 12:26:47
(1 week ago)
High error rate and elevated request volume targeting cPanel servers
Bad Web Bot
๐ฉ๐ช
Blexyel
2026-07-07 12:16:18
(1 week ago)
35.195.121.152 - - [07/Jul/2026:14:16:17 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 40 ...
show more
35.195.121.152 - - [07/Jul/2026:14:16:17 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "pingusmc.org"
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
grassau.com
2026-07-07 12:14:35
(1 week ago)
(wordpress) Failed wordpress login from 35.195.121.152 (BE/Belgium/Brussels Capital/Brussels/152.121 ...
show more
(wordpress) Failed wordpress login from 35.195.121.152 (BE/Belgium/Brussels Capital/Brussels/152.121.195.35.bc.googleusercontent.com)
show less
Brute-Force
๐ซ๐ท
Catalin Negru
2026-07-07 12:13:18
(1 week ago)
Recidive ban by fail2ban on server.blackbit.ro
Brute-Force
๐จ๐ฆ
zXero
2026-07-07 12:10:50
(1 week ago)
Fail2Ban automatic report - jail: no-wordpress
Brute-Force
SSH
DDoS Attack
๐ฉ๐ช
macrob
2026-07-07 11:56:43
(1 week ago)
2026/07/07 11:56:41 [error] 2005009#2005009: *357602511 access forbidden by rule, client: 35.195.121 ...
show more
2026/07/07 11:56:41 [error] 2005009#2005009: *357602511 access forbidden by rule, client: 35.195.121.152, server: binixo.es, request: "GET //wp-includes/ID3/license.txt HTTP/2.0", host: "binixo.es"
2026/07/07 11:56:41 [error] 2005008#2005008: *357602682 access forbidden by rule, client: 35.195.121.152, server: binixo.es, request: "GET //xmlrpc.php?rsd HTTP/2.0", host: "binixo.es"
2026/07/07 11:56:41 [error] 2005008#2005008: *357603215 access forbidden by rule, client: 35.195.121.152, server: binixo.es, request: "GET //blog/wp-includes/wlwmanifest.xml HTTP/2.0", host: "binixo.es"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 11:48:02
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 35.195.121.152 (152.121.195.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:225170) triggered by 35.195.121.152 (152.121.195.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 07:47:56.607785 2026] [security2:error] [pid 10874:tid 10874] [client 35.195.121.152:60156] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.bickleton.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.bickleton.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "akznbHXNenZndYP0yk8O5wAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-07 11:42:35
(1 week ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
๐จ๐ญ
Origon
2026-07-07 11:34:38
(1 week ago)
http-probing - IP: 35.195.121.152 - time="2026-07-07T13:34:38+02:00" level=info msg="(555f66b4f6a74 ...
show more
http-probing - IP: 35.195.121.152 - time="2026-07-07T13:34:38+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 35.195.121.152 (BE/396982) : 4h ban on Ip 35.195.121.152" module=db
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 11:30:29
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 35.195.121.152 (152.121.195.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:225170) triggered by 35.195.121.152 (152.121.195.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 07:30:22.238875 2026] [security2:error] [pid 6350:tid 6350] [client 35.195.121.152:64424] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bennoyes.com.arsenaultartistmanagement.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bennoyes.com.arsenaultartistmanagement.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akzjTtm99_U2y3eFtVeOfAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฏ๐ต
beon
2026-07-07 11:30:22
(1 week ago)
[DateTime=>2026-07-07T11:30:22Z to 2026-07-07T12:01:45Z (UTC)] , [HoneyPot_Hits=>12 times] , [HoneyP ...
show more
[DateTime=>2026-07-07T11:30:22Z to 2026-07-07T12:01:45Z (UTC)] , [HoneyPot_Hits=>12 times] , [HoneyPots=>/xmlrpc.php, /blog/wp-includes/wlwmanifest.xml, /blog/, /blog/wp-json/wp/v2/users/, /blog/wp-json/oembed/1.0/embed, /blog/xmlrpc.php] , [total_Hits=>13 times] , [Keyword=>WordPress, irregular query]
show less
Bad Web Bot
Web App Attack