๐ฉ๐ช
LRob
2026-07-01 03:31:36
(1 day ago)
Repeated 403 errors, blocked by Fail2ban in custom-403 jail
Bad Web Bot
๐ง๐ท
Halux
2026-07-01 01:17:40
(1 day ago)
107.170.31.84 Web Application Firewall multiple violations
Hacking
Web App Attack
๐จ๐ฆ
zXero
2026-07-01 01:03:26
(1 day ago)
Fail2Ban automatic report - jail: no-wordpress
Brute-Force
SSH
DDoS Attack
Anonymous
2026-07-01 00:02:44
(1 day ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
๐ซ๐ท
largo-it.net
2026-06-30 23:56:46
(1 day ago)
Jul 1 01:56:43 vps-9f3cdc33 haproxy[1062612]: 107.170.31.84:52215 [01/Jul/2026:01:56:43.750] www_fr ...
show more
Jul 1 01:56:43 vps-9f3cdc33 haproxy[1062612]: 107.170.31.84:52215 [01/Jul/2026:01:56:43.750] www_frontend~ finance_cluster/finance1_test1_https 84/0/11/70/165 404 3151 - - ---- 54/6/0/0/0 0/0 "GET /fr//wp-includes/wlwmanifest.xml HTTP/1.1"
Jul 1 01:56:44 vps-9f3cdc33 haproxy[1062612]: 107.170.31.84:52215 [01/Jul/2026:01:56:43.915] www_frontend~ finance_cluster/finance1_test1_https 84/0/11/51/146 404 3151 - - ---- 54/6/0/0/0 0/0 "GET /fr//xmlrpc.php?rsd HTTP/1.1"
Jul 1 01:56:45 vps-9f3cdc33 haproxy[1062612]: 107.170.31.84:52215 [01/Jul/2026:01:56:45.069] www_frontend~ finance_cluster/finance1_test1_https 86/0/10/41/137 404 3151 - - ---- 54/6/0/0/0 0/0 "GET /fr//blog/wp-includes/wlwmanifest.xml HTTP/1.1"
Jul 1 01:56:45 vps-9f3cdc33 haproxy[1062612]: 107.170.31.84:52215 [01/Jul/2026:01:56:45.207] www_frontend~ finance_cluster/finance1_test1_https 84/0/11/45/140 404 3151 - - ---- 54/6/0/0/0 0/0 "GET /fr//web/wp-includes/wlwmanifest.xml HTTP/1.1"
Jul 1 01:56:45 vps-9f3cdc33 haproxy[106
...
show less
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 22:20:11
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 107.170.31.84 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 107.170.31.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 18:20:05.585083 2026] [security2:error] [pid 20761:tid 20816] [client 107.170.31.84:52012] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||labs.cocoonprojects.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "labs.cocoonprojects.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akRBFRCc6jmWZg9CohtWRgAAAc8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-06-30 20:31:48
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ณ๐ฑ
ipoac.nl
2026-06-30 18:09:28
(1 day ago)
-:443 107.170.31.84 - - [30/Jun/2026:20:09:27 +0200] - "GET //wp-includes/wlwmanifest.xml HTTP/1.1" ...
show more
-:443 107.170.31.84 - - [30/Jun/2026:20:09:27 +0200] - "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 1978 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
show less
Bad Web Bot
Anonymous
2026-06-30 18:05:06
(1 day ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=17
Hacking
๐ฉ๐ช
big-cloud.nl
2026-06-30 17:28:00
(1 day ago)
Try to access /xmlrpc.php?rsd
Web App Attack
๐บ๐ธ
kosada.com
2026-06-30 17:25:24
(1 day ago)
Web vulnerability probing: //wordpress/wp-includes/wlwmanifest.xml
Web App Attack
๐จ๐ญ
backslash
2026-06-30 17:18:00
(1 day ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐จ๐ญ
zynex
2026-06-30 17:15:47
(1 day ago)
URL Probing: /test/wp-includes/wlwmanifest.xml
Web App Attack
๐บ๐ธ
Lee Daniel
2026-06-30 17:13:07
(1 day ago)
107.170.31.84 - - [30/Jun/2026:13:13:05 -0400] "GET //website/wp-includes/wlwmanifest.xml HTTP/1.1" ...
show more
107.170.31.84 - - [30/Jun/2026:13:13:05 -0400] "GET //website/wp-includes/wlwmanifest.xml HTTP/1.1" 404 20522 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
107.170.31.84 - - [30/Jun/2026:13:13:05 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 20507 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
107.170.31.84 - - [30/Jun/2026:13:13:05 -0400] "GET //news/wp-includes/wlwmanifest.xml HTTP/1.1" 404 20513 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
107.170.31.84 - - [30/Jun/2026:13:13:05 -0400] "GET //wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 20510 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36"
107.170.31.84 - - [30/Jun/2026:13:13:05 -0400] "GET //test/wp-includes/wlwmanifest.xml HTTP/1.1" 404 20513 "-" "Mozilla/
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ด
jad-abuse
2026-06-30 16:53:56
(1 day ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. O ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Observed by 1 sensor(s); 1 hits.
show less
Brute-Force
Web App Attack