Anonymous
2026-06-28 11:00:20
(5 days ago)
Scanning/Probing activity detected.
Bad Web Bot
Web App Attack
π©πͺ
big-cloud.nl
2026-06-28 10:48:10
(5 days ago)
Try to access /xmlrpc.php?rsd
Web App Attack
π³π±
Site.eu
2026-06-28 10:40:27
(5 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-06-28 10:39:51
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 35.205.241.13 (13.241.205.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 35.205.241.13 (13.241.205.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 06:39:44.787877 2026] [security2:error] [pid 10619:tid 10619] [client 35.205.241.13:54360] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||answeringilliana.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "answeringilliana.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akD58F-Shr8xChXTQ1dBmgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 10:37:09
(5 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
π³πΏ
Antinson
2026-06-28 10:36:16
(5 days ago)
Scraping with a high error ratio and request rate
Bad Web Bot
Anonymous
2026-06-28 10:35:09
(5 days ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
π¨π
zynex
2026-06-28 10:31:25
(5 days ago)
URL Probing: /xmlrpc.php
Web App Attack
π§π·
dominioz
2026-06-28 10:27:28
(5 days ago)
2026-06-28 10:26:46 GET /wp-includes/ID3/license.txt - - 35.205.241.13 HTTP/1.1 Mozilla/5.0+(Windows ...
show more
2026-06-28 10:26:46 GET /wp-includes/ID3/license.txt - - 35.205.241.13 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/95.0.4638.69+Safari/537.36 - 404 1987
2026-06-28 10:26:47 GET /feed/ - - 35.205.241.13 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/95.0.4638.69+Safari/537.36 - 404 1987
2026-06-28 10:26:47 GET /xmlrpc.php rsd - 35.205.241.13 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/95.0.4638.69+Safari/537.36 - 404 5137
2026-06-28 10:26:48 GET /blog/wp-includes/wlwmanifest.xml - - 35.205.241.13 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/95.0.4638.69+Safari/537.36 - 404 1987
...
show less
Web App Attack
π§πͺ
cmbplf
2026-06-28 10:26:05
(5 days ago)
3.681 requests with url.path */xmlrpc.php
3.679 requests with url.path //xmlrpc.php
412 requests ...
show more
3.681 requests with url.path */xmlrpc.php
3.679 requests with url.path //xmlrpc.php
412 requests with url.path */wp-includes/wlwmanifest.xml
show less
Brute-Force
Bad Web Bot
πΊπΈ
Lee Daniel
2026-06-28 10:25:16
(5 days ago)
35.205.241.13 - - [28/Jun/2026:06:25:13 -0400] "GET /wp-includes/id3/license.txt/web/wp-includes/wlw ...
show more
35.205.241.13 - - [28/Jun/2026:06:25:13 -0400] "GET /wp-includes/id3/license.txt/web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 51675 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.205.241.13 - - [28/Jun/2026:06:25:14 -0400] "GET /wp-includes/id3/license.txt/wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 51717 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.205.241.13 - - [28/Jun/2026:06:25:14 -0400] "GET /wp-includes/id3/license.txt/wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 51668 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.205.241.13 - - [28/Jun/2026:06:25:15 -0400] "GET /wp-includes/id3/license.txt/2020/wp-includes/wlwmanifest.xml HTTP/1.1" 404 51681 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
screwlooseit.com.au
2026-06-28 10:22:01
(5 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
13.241.205.35.bc.googleusercontent.com
Web App Attack
Anonymous
2026-06-28 10:21:12
(5 days ago)
Attac
Brute-Force
Anonymous
2026-06-28 10:18:14
(5 days ago)
35.205.241.13 - - [28/Jun/2026:10:18:14 +0000] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 3079 ...
show more
35.205.241.13 - - [28/Jun/2026:10:18:14 +0000] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 3079 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
π·πΊ
DZBOT
2026-06-28 10:13:00
(5 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack