๐จ๐ฆ
Anytech
2026-07-13 12:12:37
(3 hours ago)
Blocked by Conn-Monitor: wordpress-path-probe-nonwp
Bad Web Bot
Hacking
Web App Attack
๐ง๐ช
cmbplf
2026-07-13 12:11:56
(3 hours ago)
82.915 requests in 1 hour (2mos3w6d)
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-13 11:49:49
(3 hours ago)
(mod_security) mod_security (id:225170) triggered by 35.205.178.178 (178.178.205.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:225170) triggered by 35.205.178.178 (178.178.205.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:49:43.549572 2026] [security2:error] [pid 9526:tid 9526] [client 35.205.178.178:57953] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||latentpixel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "latentpixel.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alTQ1xtgp5KCjQoQ8dLJxAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-07-13 11:48:00
(4 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ซ๐ท
largo-it.net
2026-07-13 11:45:38
(4 hours ago)
Jul 13 13:45:36 vps-9f3cdc33 haproxy[547343]: 35.205.178.178:57135 [13/Jul/2026:13:45:35.935] www_fr ...
show more
Jul 13 13:45:36 vps-9f3cdc33 haproxy[547343]: 35.205.178.178:57135 [13/Jul/2026:13:45:35.935] www_frontend~ finance_cluster/finance1_test1_https 0/0/10/89/99 404 3252 - - ---- 56/7/0/0/0 0/0 "GET //wp-includes/ID3/license.txt HTTP/1.1"
Jul 13 13:45:36 vps-9f3cdc33 haproxy[547343]: 35.205.178.178:57135 [13/Jul/2026:13:45:36.034] www_frontend~ finance_cluster/finance1_test1_https 17/0/11/50/78 404 3151 - - ---- 56/7/0/0/0 0/0 "GET //feed/ HTTP/1.1"
Jul 13 13:45:36 vps-9f3cdc33 haproxy[547343]: 35.205.178.178:57135 [13/Jul/2026:13:45:36.112] www_frontend~ finance_cluster/finance1_test1_https 246/0/11/50/307 404 3151 - - ---- 56/7/0/0/0 0/0 "GET //xmlrpc.php?rsd HTTP/1.1"
Jul 13 13:45:36 vps-9f3cdc33 haproxy[547343]: 35.205.178.178:57135 [13/Jul/2026:13:45:36.419] www_frontend~ finance_cluster/finance1_test1_https 110/0/10/52/172 404 3151 - - ---- 56/7/0/0/0 0/0 "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1"
Jul 13 13:45:36 vps-9f3cdc33 haproxy[547343]: 35.205.178.178:57135 [13/Jul/2026
...
show less
Hacking
Bad Web Bot
Web App Attack
๐จ๐ญ
zynex
2026-07-13 11:41:00
(4 hours ago)
URL Probing: /web/wp-includes/wlwmanifest.xml
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 11:33:46
(4 hours ago)
(mod_security) mod_security (id:240335) triggered by 35.205.178.178 (178.178.205.35.bc.googleusercon ...
show more
(mod_security) mod_security (id:240335) triggered by 35.205.178.178 (178.178.205.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:33:38.929520 2026] [security2:error] [pid 32041:tid 32041] [client 35.205.178.178:50962] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 35.205.178.178 (+1 hits since last alert)|laecovillage.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "laecovillage.org"] [uri "/xmlrpc.php"] [unique_id "alTNEm_OfMZMB3388isMogAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 11:31:32
(4 hours ago)
35.205.178.178 - - [13/Jul/2026:13:31:31 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 438 ...
show more
35.205.178.178 - - [13/Jul/2026:13:31:31 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.205.178.178 - - [13/Jul/2026:13:31:31 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.205.178.178 - - [13/Jul/2026:13:31:32 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.205.178.178 - - [13/Jul/2026:13:31:32 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 277 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.205.178.178 - - [13/Jul/2026:13:31:32 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 438 "-
...
show less
Brute-Force
Web App Attack
๐ฎ๐น
๐ท๐ท๐ท
2026-07-13 11:30:09
(4 hours ago)
Multiple WordPress unauthorized access attempts
...
Brute-Force
Bad Web Bot
๐ฎ๐น
VHosting
2026-07-13 11:30:03
(4 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
Anonymous
2026-07-13 11:29:00
(4 hours ago)
Try to connect to Port_Scan_80_stealth
Port Scan
Anonymous
2026-07-13 11:28:51
(4 hours ago)
Web App Attack
Brute-Force
Web App Attack
Anonymous
2026-07-13 11:20:37
(4 hours ago)
Web attack blocked by Wordfence on kunstkringhenrijonas.nl (1 hit). Reported by CRMON.
Web App Attack
๐ฎ๐ฑ
Dolphi
2026-07-13 11:20:02
(4 hours ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-13 11:09:39
(4 hours ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 35.205.178.178 (BE/Belgium/178.178. ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 35.205.178.178 (BE/Belgium/178.178.205.35.bc.googleusercontent.com): 1 in the last 3600 secs
show less
Web App Attack