|
๐ณ๐ฑ
Savvii
|
|
10 attempts against mh_ha-misc-ban on choy
|
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 8.231.242.192 (192.242.231.8.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 8.231.242.192 (192.242.231.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:08:49.905069 2026] [security2:error] [pid 11945:tid 11945] [client 8.231.242.192:55337] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||truthsabouthealthcare.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "truthsabouthealthcare.com"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "ai59sXnoiBEFDFW2w7AsmwAAAB0"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ณ๐ฑ
Savvii
|
|
10 attempts against mh-misc-ban on frost
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 8.231.242.192 (192.242.231.8.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 8.231.242.192 (192.242.231.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 05:51:52.086655 2026] [security2:error] [pid 2335:tid 2335] [client 8.231.242.192:63646] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.wholesalelivelobsters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wholesalelivelobsters.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ai55uCbGyGxVUafrJwcjeAAAAAg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฆ๐บ
screwlooseit.com.au
|
|
Blocked by CSF 13 firewall - Rule: XMLRPC
US/United States/192.242.231.8.bc.googleusercontent.com
|
Web App Attack
|
|
|
๐ซ๐ท
dynamix
|
|
WordPress XMLRPC Brute Force Attack
|
Brute-Force
Web App Attack
|
|
|
๐ซ๐ท
tecnoacquisti.com
|
|
PrestaShop Security Module: Calls WordPress paths probing known vulnerabilities
|
Web App Attack
|
|
|
Anonymous
|
|
|
Bad Web Bot
Web App Attack
|
|
|
๐ง๐ช
voormedia
|
|
Accessed trap at '/xmlrpc.php'
|
Web App Attack
|
|
|
๐จ๐ญ
backslash
|
|
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
|
Bad Web Bot
|
|
|
๐ง๐ช
cmbplf
|
|
3.067 requests with url.path //xmlrpc.php
168 requests with url.path */wp-includes/wlwmanifest.xml
|
Brute-Force
Bad Web Bot
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 8.231.242.192 (192.242.231.8.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 8.231.242.192 (192.242.231.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 05:26:57.449005 2026] [security2:error] [pid 18250:tid 18287] [client 8.231.242.192:55026] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tomithai.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tomithai.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ai5z4aqHHJ3bX2m4GDop6gAAAJg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
BlueWire Hosting
|
|
Probing websites for vulnerabilities
|
Web App Attack
SQL Injection
|
|
|
๐ฎ๐น
VHosting
|
|
Detected WordPress attack from 4 different servers
|
Brute-Force
Web App Attack
|
|
|
๐ณ๐ฑ
thedreamer.nl
|
|
8.231.242.192 - - [14/Jun/2026:11:12:30 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 200 2213 ...
show more
8.231.242.192 - - [14/Jun/2026:11:12:30 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 200 2213 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "US" "The Dalles" "45.59990" "-121.18710"
8.231.242.192 - - [14/Jun/2026:11:12:31 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 200 2213 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "US" "The Dalles" "45.59990" "-121.18710"
8.231.242.192 - - [14/Jun/2026:11:12:31 +0200] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 200 2213 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "US" "The Dalles" "45.59990" "-121.18710"
8.231.242.192 - - [14/Jun/2026:11:12:31 +0200] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 200 2213 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Ch
...
show less
|
Hacking
Brute-Force
Bad Web Bot
Web App Attack
|
|