Anonymous
2026-07-10 15:33:22
(6 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-10 13:11:10
(8 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-10 13:04:39
(8 hours ago)
(mod_security) mod_security (id:225170) triggered by 35.252.88.159 (159.88.252.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 35.252.88.159 (159.88.252.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 09:04:34.468509 2026] [security2:error] [pid 19927:tid 19927] [client 35.252.88.159:61688] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ibermar.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ibermar.info"] [uri "/wp-json/wp/v2/users/"] [unique_id "alDt4pWXHP78K_wSjT_0IwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
raph
2026-07-10 13:04:11
(8 hours ago)
[Wordpress] crawler /wp-admin/*, /wp-content/*, etc.
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-10 12:56:18
(9 hours ago)
Scraping with a high error ratio and request rate
Bad Web Bot
Anonymous
2026-07-10 12:52:31
(9 hours ago)
35.252.88.159 - - [10/Jul/2026:14:52:31 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 450 " ...
show more
35.252.88.159 - - [10/Jul/2026:14:52:31 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 450 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
35.252.88.159 - - [10/Jul/2026:14:52:31 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 289 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
35.252.88.159 - - [10/Jul/2026:14:52:31 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 450 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
35.252.88.159 - - [10/Jul/2026:14:52:31 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 289 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
35.252.88.159 - - [10/Jul/2026:14:52:31 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 450 "-"
...
show less
Brute-Force
Web App Attack
๐ต๐ฑ
strefapi_com
2026-07-10 12:48:16
(9 hours ago)
Brute-force, web
...
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 12:47:36
(9 hours ago)
(mod_security) mod_security (id:225170) triggered by 35.252.88.159 (159.88.252.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 35.252.88.159 (159.88.252.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 08:47:29.533639 2026] [security2:error] [pid 10435:tid 10435] [client 35.252.88.159:59844] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.produktives.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.produktives.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alDp4XvJLYFNkBNVVpvM0QAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
pipeline.es
2026-07-10 12:40:41
(9 hours ago)
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: pri ...
show more
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: primeiraclasse.pt 35.252.88.159 - - [10/Jul/2026:14:37:14 +0200] \"GET //wp2/wp-includes/wlwmanifest.xml HTTP/1.1\" 404 20612 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36\" GEOIP_COUNTRY_CODE=US | ASN: GOOGLE-CLOUD-PLATFORM | Country: US
show less
Port Scan
Web App Attack
Anonymous
2026-07-10 12:27:11
(9 hours ago)
Malicious Probing/Bad Request
Bad Web Bot
๐ฆ๐บ
nzhost.co.nz
2026-07-10 12:25:34
(9 hours ago)
$f2bV_matches
Hacking
Brute-Force
๐บ๐ธ
agenciahypelab.com.br
2026-07-10 12:24:11
(9 hours ago)
WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-10 12:24:06
(9 hours ago)
(mod_security) mod_security (id:225170) triggered by 35.252.88.159 (159.88.252.35.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 35.252.88.159 (159.88.252.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 08:23:59.093327 2026] [security2:error] [pid 28807:tid 28807] [client 35.252.88.159:58704] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.prcomputersolutions.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.prcomputersolutions.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alDkXx_yeFwKo5R6ocUmpwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-10 12:20:04
(9 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-10 12:14:56
(9 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack