๐ณ๐ฟ
Antinson
2026-07-02 15:13:34
(5 hours ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐ณ๐ฑ
Savvii
2026-07-02 15:08:08
(5 hours ago)
10 attempts against mh-misc-ban on frost
Web App Attack
Anonymous
2026-07-02 15:07:01
(5 hours ago)
Automated web scanner. Requested suspicious paths: //2021/wp-includes/wlwmanifest.xml | //shop/wp-in ...
show more
Automated web scanner. Requested suspicious paths: //2021/wp-includes/wlwmanifest.xml | //shop/wp-includes/wlwmanifest.xml | //wp1/wp-includes/wlwmanifest.xml | //test/wp-includes/wlwmanifest.xml | //site/wp-includes/wlwmanifest.xml | //cms/wp-includes/wlwmanifest.xml | //blog/wp-includes/wlwmanifest.xml | //wp/wp-includes/wlwmanifest.xml | //xmlrpc.php | //2020/wp-includes/wlwmanifest.xml | //wordpress/wp-includes/wlwmanifest.xml | //web/wp-includes/wlwmanifest.xml | //2019/wp-includes/wlwmanifest.xml, //wp-includes/ID3/license.txt. UTC: 2026-07-02 14:49:33.
show less
Web App Attack
๐บ๐ธ
mnsf
2026-07-02 15:05:21
(5 hours ago)
Too many Status 40X (13)
Brute-Force
Web App Attack
๐บ๐ธ
CounterScrape
2026-07-02 15:00:31
(5 hours ago)
CounterScrape Deception: Bot identified as HONEYTOKEN_HIT (Unauthorized access attempt to leaked hon ...
show more
CounterScrape Deception: Bot identified as HONEYTOKEN_HIT (Unauthorized access attempt to leaked honeytoken infrastructure subdomain). Trapped in honeypot. Concurrency hits: 1. Bandwidth drained: 0.0 MB.
show less
Bad Web Bot
Port Scan
๐ญ๐บ
kranem
2026-07-02 15:00:04
(5 hours ago)
Triggered Cloudflare WAF from US.
Action taken: BLOCK
ASN: 396982 (Google LLC)
Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF from US.
Action taken: BLOCK
ASN: 396982 (Google LLC)
Protocol: HTTP/1.1 (GET method)
Endpoint: /web/wp-includes/wlwmanifest.xml
Timestamp: 2026-07-02T14:45:13Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
show less
Bad Web Bot
๐ช๐ธ
masterguru
2026-07-02 14:59:07
(5 hours ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (5000900-122)
Web App Attack
๐ฎ๐ฑ
Dolphi
2026-07-02 14:50:03
(5 hours ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐จ๐ญ
Origon
2026-07-02 14:47:19
(5 hours ago)
http-probing - IP: 136.67.13.46 - time="2026-07-02T16:47:18+02:00" level=info msg="(555f66b4f6a7455 ...
show more
http-probing - IP: 136.67.13.46 - time="2026-07-02T16:47:18+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 136.67.13.46 (US/396982) : 4h ban on Ip 136.67.13.46" module=db
show less
Web App Attack
๐ซ๐ท
Thaliruth
2026-07-02 14:46:58
(5 hours ago)
136.67.13.46 - - [02/Jul/2026:16:46:57 +0200] "GET /wp-includes/id3/license.txt/feed/ HTTP/1.1" 404 ...
show more
136.67.13.46 - - [02/Jul/2026:16:46:57 +0200] "GET /wp-includes/id3/license.txt/feed/ HTTP/1.1" 404 6125 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.67.13.46 - - [02/Jul/2026:16:46:57 +0200] "GET /wp-includes/id3/license.txt/xmlrpc.php?rsd HTTP/1.1" 404 1083 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.67.13.46 - - [02/Jul/2026:16:46:57 +0200] "GET /wp-includes/id3/license.txt/blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 6125 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐จ๐ฆ
Anytech
2026-07-02 14:45:47
(5 hours ago)
Blocked by Conn-Monitor: Web scanning activity
Web App Attack
๐ฎ๐น
VHosting
2026-07-02 14:45:08
(5 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-02 14:40:02
(5 hours ago)
Try to access /xmlrpc.php?rsd
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 14:35:42
(5 hours ago)
(mod_security) mod_security (id:225170) triggered by 136.67.13.46 (46.13.67.136.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 136.67.13.46 (46.13.67.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 10:35:35.274371 2026] [security2:error] [pid 26095:tid 26095] [client 136.67.13.46:58688] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.d365geek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.d365geek.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akZ3N2Lvl-bki31vv2wxagAAAEo"]
show less
Brute-Force
Bad Web Bot
Web App Attack