π¬π§
andypiper
2026-06-09 01:01:07
(6 days ago)
CrowdSec ban for AbuseIPDB Top List
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-06-09 00:15:01
(6 days ago)
Too many Status 40X (16)
Brute-Force
Web App Attack
πΊπΈ
WizardsToolkit
2026-06-08 14:40:06
(1 week ago)
attempted to access /404.php
Web App Attack
π©πͺ
webko.si
2026-06-08 14:39:49
(1 week ago)
BARUTANA.si: Bruteforce web app access, URI detail: '/wp-includes/ID3/license.txt'.
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 14:39:00
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 34.10.172.122 (122.172.10.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.10.172.122 (122.172.10.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 10:38:56.458727 2026] [security2:error] [pid 17803:tid 17803] [client 34.10.172.122:63185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||edgecomix.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "edgecomix.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aibUACWKwEYpNWUVpNWvyAAAAH8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-06-08 14:37:34
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
π·πΊ
DZBOT
2026-06-08 14:09:54
(1 week ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
π©πͺ
grassau.com
2026-06-08 14:06:23
(1 week ago)
(wordpress) Failed wordpress login from 34.10.172.122 (US/United States/Iowa/Council Bluffs/122.172. ...
show more
(wordpress) Failed wordpress login from 34.10.172.122 (US/United States/Iowa/Council Bluffs/122.172.10.34.bc.googleusercontent.com)
show less
Brute-Force
π³π±
Site.eu
2026-06-08 14:04:05
(1 week ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-06-08 14:03:32
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 34.10.172.122 (122.172.10.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.10.172.122 (122.172.10.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 10:03:28.087616 2026] [security2:error] [pid 20147:tid 20147] [client 34.10.172.122:61890] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aisoftwaretools.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aisoftwaretools.com"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "aibLsLcbPi1y4jsyEFTkCQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©π°
ScamAware
2026-06-08 13:52:17
(1 week ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot / scanner behavior). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom.
show less
Bad Web Bot
π§πΎ
lns.bz
2026-06-08 13:50:30
(1 week ago)
Too many 404 requests [BY]
Web App Attack
π©πͺ
FeG Deutschland
2026-06-08 13:48:58
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 27
Exploited Host
Web App Attack
2026-06-08 13:47:01
(1 week ago)
34.10.172.122 - - [08/Jun/2026:15:47:00 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 437 ...
show more
34.10.172.122 - - [08/Jun/2026:15:47:00 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 437 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.10.172.122 - - [08/Jun/2026:15:47:00 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 288 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.10.172.122 - - [08/Jun/2026:15:47:00 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 437 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.10.172.122 - - [08/Jun/2026:15:47:00 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 288 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.10.172.122 - - [08/Jun/2026:15:47:00 +0200] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 437 "-
...
show less
Brute-Force
Web App Attack
π³π±
Savvii
2026-06-08 13:46:00
(1 week ago)
11 attempts against mh_ha-misc-ban on taro
Brute-Force
Web App Attack