๐ง๐ช
cmbplf
2026-07-10 16:31:20
(3 hours ago)
4.288 requests with url.path */xmlrpc.php
4.284 requests with url.path //xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-10 14:44:59
(5 hours ago)
(mod_security) mod_security (id:225170) triggered by 8.231.59.232 (232.59.231.8.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 8.231.59.232 (232.59.231.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 10:44:51.583662 2026] [security2:error] [pid 7554:tid 7554] [client 8.231.59.232:61015] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sharonmauldin.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sharonmauldin.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alEFY9Tk1PFANiAP6u_YoAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-07-10 14:42:46
(5 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ซ๐ท
dwmp
2026-07-10 14:35:06
(5 hours ago)
Url probing: /feed/
Web App Attack
๐ซ๐ท
Baking333
2026-07-10 14:28:42
(5 hours ago)
[redacted] 8.231.59.232 - - [10/Jul/2026:15:28:39 +0100] "GET //wp-includes/ID3/[redacted] HTTP/1.1" ...
show more
[redacted] 8.231.59.232 - - [10/Jul/2026:15:28:39 +0100] "GET //wp-includes/ID3/[redacted] HTTP/1.1" 302 6798 0/72760 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" [redacted] 8.231.59.232 - - [10/Jul/2026:15:28:40 +0100] "GET /[redacted]?rsd HTTP/1.1" 302 1579 0/72265 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 14:26:03
(5 hours ago)
(mod_security) mod_security (id:225170) triggered by 8.231.59.232 (232.59.231.8.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 8.231.59.232 (232.59.231.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 10:25:55.642817 2026] [security2:error] [pid 25457:tid 25457] [client 8.231.59.232:64457] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||segeln-in-phuket.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "segeln-in-phuket.com"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "alEA8wbnfLgaxWfSGewuXgAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-10 14:16:32
(5 hours ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐ณ๐ฑ
tmiland
2026-07-10 14:16:23
(5 hours ago)
(wordpress_wlwmanifest) WordPress wlwmanifest.xml Attack 8.231.59.232 (US/United States/232.59.231.8 ...
show more
(wordpress_wlwmanifest) WordPress wlwmanifest.xml Attack 8.231.59.232 (US/United States/232.59.231.8.bc.googleusercontent.com): 3 in the last 3600 secs; IP: 8.231.59.232; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 8.231.59.232 - - [10/Jul/2026:16:16:19 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 8.231.59.232 - - [10/Jul/2026:16:16:19 +0200] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 8.231.59.232 - - [10/Jul/2026:16:16:19 +0200] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Brute-Force
๐ฉ๐ช
big-cloud.nl
2026-07-10 14:14:19
(5 hours ago)
Try to access /xmlrpc.php?rsd
Web App Attack
๐บ๐ธ
mnsf
2026-07-10 14:05:28
(5 hours ago)
Abuse Detected (10)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 14:02:58
(5 hours ago)
(mod_security) mod_security (id:225170) triggered by 8.231.59.232 (232.59.231.8.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 8.231.59.232 (232.59.231.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 10:02:54.018266 2026] [security2:error] [pid 31070:tid 31070] [client 8.231.59.232:64442] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||saltyrootsyogaco.com.fixitz.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "saltyrootsyogaco.com.fixitz.net"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "alD7jord-3wE52xt6gVKOwAAACw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
strefapi_com
2026-07-10 13:59:42
(5 hours ago)
Brute-force, web
...
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TAY
2026-07-10 13:52:46
(5 hours ago)
8.231.59.232 - - [10/Jul/2026:21:52:44 +0800] "POST //xmlrpc.php HTTP/1.1" 200 623 "-" "Mozilla/5.0 ...
show more
8.231.59.232 - - [10/Jul/2026:21:52:44 +0800] "POST //xmlrpc.php HTTP/1.1" 200 623 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
8.231.59.232 - - [10/Jul/2026:21:52:45 +0800] "POST //xmlrpc.php HTTP/1.1" 200 4425 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
8.231.59.232 - - [10/Jul/2026:21:52:45 +0800] "POST //xmlrpc.php HTTP/1.1" 200 4425 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Brute-Force
๐จ๐ญ
backslash
2026-07-10 13:51:00
(5 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
Anonymous
2026-07-10 13:49:10
(5 hours ago)
Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1
Hacking
Web App Attack