๐บ๐ธ
mnsf
2026-07-03 13:05:19
(4 hours ago)
Too many Status 40X (13)
Brute-Force
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-03 12:42:50
(5 hours ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐ท๐บ
DZBOT
2026-07-03 12:23:46
(5 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-03 12:20:03
(5 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-03 12:18:34
(5 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
Coco Bongo
2026-07-03 12:18:27
(5 hours ago)
35.196.128.36 [redacted].dns.[redacted] (396982-GOOGLE-CLOUD-PLATFORM United States North Charleston ...
show more
35.196.128.36 [redacted].dns.[redacted] (396982-GOOGLE-CLOUD-PLATFORM United States North Charleston) - - [03/Jul/2026:14:18:12 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Wi
...
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-03 12:18:26
(5 hours ago)
Try to access /xmlrpc.php?rsd
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 12:18:06
(5 hours ago)
(mod_security) mod_security (id:225170) triggered by 35.196.128.36 (36.128.196.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 35.196.128.36 (36.128.196.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 08:18:02.514309 2026] [security2:error] [pid 14115:tid 14115] [client 35.196.128.36:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||duct.cloudex.click|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "duct.cloudex.click"] [uri "/wp-json/wp/v2/users/"] [unique_id "akeoekI2OaB7c31VRrVLmQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-03 12:16:48
(5 hours ago)
(xmlrpc) Apache: Failed xmlrpc access from 35.196.128.36 (US/United States/36.128.196.35.bc.googleus ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 35.196.128.36 (US/United States/36.128.196.35.bc.googleusercontent.com): 10 in the last 3600 secs (0-201)
show less
Hacking
๐ณ๐ฑ
GabrielJST
2026-07-03 12:16:40
(5 hours ago)
(wordpress) Failed wordpress login from 35.196.128.36 (US/United States/36.128.196.35.bc.googleuserc ...
show more
(wordpress) Failed wordpress login from 35.196.128.36 (US/United States/36.128.196.35.bc.googleusercontent.com)
show less
Brute-Force
๐ง๐ช
cmbplf
2026-07-03 12:06:32
(5 hours ago)
6.459 post requests in 1 hour (2w1d30m)
Brute-Force
Bad Web Bot
๐ฉ๐ช
AetherFox
2026-07-03 12:02:54
(5 hours ago)
AetherFox VoidGuard detected: [Fri Jul 03 12:02:53.574294 2026] [authz_core:error] [pid 3377300:tid ...
show more
AetherFox VoidGuard detected: [Fri Jul 03 12:02:53.574294 2026] [authz_core:error] [pid 3377300:tid 3377338] [client 35.196.128.36:61659] AH01630: client denied by server configuration: proxy:https://[MASKED]/wp-includes/ID3/license.txt
[Fri Jul 03 12:02:53.803471 2026] [authz_core:error] [pid 3377300:tid 3377348] [client 35.196.128.36:61659] AH01630: client denied by server configuration: proxy:https://[MASKED]/feed/
[Fri Jul 03 12:02:53.908364 2026] [authz_core:error] [pid 3377300:tid 3377346] [client 35.196.128.36:61659] AH01630: client denied by server configuration: proxy:https://[MASKED]/xmlrpc.php
[Fri Jul 03 12:02:54.137996 2026] [authz_core:error] [pid 3377300:tid 3377349] [client 35.196.128.36:61659] AH01630: client denied by server configuration: proxy:https://[MASKED]/blog/wp-includes/wlwmanifest.xml
[Fri Jul 03 12:02:54.330941 2026] [authz_core:error] [pid 3377300:tid 3377310] [client 35.196.128.36:61659] AH01630: client denied by server con
...
show less
Bad Web Bot
Web App Attack
๐ฎ๐ฑ
Dolphi
2026-07-03 12:02:14
(5 hours ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐ฉ๐ช
TrackerSB
2026-07-03 11:58:37
(6 hours ago)
35.196.128.36 - "-" [03/Jul/2026:13:58:35 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 200 17 ...
show more
35.196.128.36 - "-" [03/Jul/2026:13:58:35 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 200 1749 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "35.196.128.36"
35.196.128.36 - "-" [03/Jul/2026:13:58:36 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 200 1749 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "35.196.128.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:56:53
(6 hours ago)
(mod_security) mod_security (id:225170) triggered by 35.196.128.36 (36.128.196.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 35.196.128.36 (36.128.196.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:56:47.826694 2026] [security2:error] [pid 20777:tid 20777] [client 35.196.128.36:55331] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||doncody.disio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "doncody.disio.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akejfx9zqB8De4eoC6dN4gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack