๐ณ๐ฑ
Site.eu
2026-07-02 02:31:45
(1 week ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐จ๐ญ
๐จ๐ญ Hosting
2026-07-01 11:20:01
(1 week ago)
Automated security scanning detected: WordPress Live Writer Probing. Systematic reconnaissance using ...
show more
Automated security scanning detected: WordPress Live Writer Probing. Systematic reconnaissance using automated tools.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 11:18:15
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 35.231.67.213 (213.67.231.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 35.231.67.213 (213.67.231.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 07:18:07.846577 2026] [security2:error] [pid 29311:tid 29311] [client 35.231.67.213:63255] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||telecompros.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "telecompros.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "akT3bw-q6Em_18_FmK-1RAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
Anytech
2026-07-01 10:53:07
(1 week ago)
Blocked by Conn-Monitor: Web scanning activity
Web App Attack
๐ซ๐ท
Sorgin Informatique
2026-07-01 10:47:04
(1 week ago)
nee-7 : Trying access unauthorized files/dir=>/wp-includes/ID3/license.txt
Hacking
Anonymous
2026-07-01 10:42:01
(1 week ago)
Blocked by ModSec and CSF
Port Scan
๐บ๐ธ
integrantservices.com
2026-07-01 10:40:14
(1 week ago)
(wordpress) Failed wordpress login from 35.231.67.213 (US/United States/213.67.231.35.bc.googleuserc ...
show more
(wordpress) Failed wordpress login from 35.231.67.213 (US/United States/213.67.231.35.bc.googleusercontent.com)
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 10:33:55
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 35.231.67.213 (213.67.231.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 35.231.67.213 (213.67.231.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 06:33:47.818810 2026] [security2:error] [pid 15573:tid 15573] [client 35.231.67.213:49845] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||activethinkers.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "activethinkers.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "akTtC1XG-O2iJhP0lRLHOAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
conseilgouz
2026-07-01 10:31:05
(1 week ago)
coe-7 : Trying access unauthorized files/dir=>//wp-includes/ID3/license.txt
Hacking
Anonymous
2026-07-01 10:30:40
(1 week ago)
35.231.67.213 - - [01/Jul/2026:12:30:38 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 567 " ...
show more
35.231.67.213 - - [01/Jul/2026:12:30:38 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.231.67.213 - - [01/Jul/2026:12:30:38 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.231.67.213 - - [01/Jul/2026:12:30:39 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.231.67.213 - - [01/Jul/2026:12:30:39 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
35.231.67.213 - - [01/Jul/2026:12:30:39 +0200] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567
...
show less
Brute-Force
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-07-01 10:27:25
(1 week ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Web App Attack
Hacking
๐บ๐ธ
WizardsToolkit
2026-07-01 10:27:07
(1 week ago)
attempted to access /blog/wp-includes/wlwmanifest.xml
Web App Attack
๐ฎ๐น
VHosting
2026-07-01 10:25:07
(1 week ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ณ๐ฑ
Savvii
2026-07-01 10:23:24
(1 week ago)
10 attempts against mh-misc-ban on eris
Web App Attack