๐บ๐ธ
mschimpf
2026-01-18 01:53:00
(5 months ago)
Web App Attack
Anonymous
2026-01-17 13:41:05
(5 months ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
๐ฉ๐ช
hchristo
2026-01-17 12:18:42
(5 months ago)
[Sat Jan 17 13:09:11.432883 2026] [access_compat:error] [pid 56498:tid 56764] [client 34.11.17.140:6 ...
show more
[Sat Jan 17 13:09:11.432883 2026] [access_compat:error] [pid 56498:tid 56764] [client 34.11.17.140:64256] AH01797: client denied by server configuration: /var/www/kd1121/htdocs/adventure-westfalia/xmlrpc.php
[Sat Jan 17 13:09:13.499658 2026] [access_compat:error] [pid 56498:tid 56722] [client 34.11.17.140:64256] AH01797: client denied by server configuration: /var/www/kd1121/htdocs/adventure-westfalia/xmlrpc.php
[Sat Jan 17 13:09:13.642127 2026] [access_compat:error] [pid 56498:tid 56795] [client 34.11.17.140:64256] AH01797: client denied by server configuration: /var/www/kd1121/htdocs/adventure-westfalia/xmlrpc.php
[Sat Jan 17 13:18:40.430972 2026] [access_compat:error] [pid 56498:tid 56789] [client 34.11.17.140:49506] AH01797: client denied by server configuration: /var/www/kd1121/htdocs/aeroplano/xmlrpc.php
[Sat Jan 17 13:18:42.165208 2026] [access_compat:error] [pid 56498:tid 56792] [client 34.11.17.140:49506] AH01797: client denied by server configuration: /var/www/kd1121/htdocs/a
...
show less
Brute-Force
๐บ๐ฆ
URAN Publishing Service
2026-01-17 12:12:59
(5 months ago)
34.11.17.140 - - [17/Jan/2026:14:12:58 +0200] "GET /xmlrpc.php?rsd HTTP/1.1" 404 251 "-" "Mozilla/5. ...
show more
34.11.17.140 - - [17/Jan/2026:14:12:58 +0200] "GET /xmlrpc.php?rsd HTTP/1.1" 404 251 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.11.17.140 - - [17/Jan/2026:14:12:58 +0200] "GET /xmlrpc.php?rsd HTTP/1.1" 404 251 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
...
show less
Web App Attack
๐จ๐ญ
Origon
2026-01-17 12:11:13
(5 months ago)
http-probing - IP: 34.11.17.140 - time="2026-01-17T13:11:12+01:00" level=info msg="(555f66b4f6a7455 ...
show more
http-probing - IP: 34.11.17.140 - time="2026-01-17T13:11:12+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 34.11.17.140 (US/396982) : 4h ban on Ip 34.11.17.140" module=db
show less
Web App Attack
๐ฎ๐น
VHosting
2026-01-17 12:10:04
(5 months ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-17 12:08:50
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 34.11.17.140 (140.17.11.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.11.17.140 (140.17.11.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 07:08:43.086235 2026] [security2:error] [pid 1501:tid 1501] [client 34.11.17.140:57169] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||advantagept.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "advantagept.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "aWt7y7cErJZkdyj4MHIV8AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-01-17 12:08:49
(5 months ago)
Malicious activity detected
Hacking
Web App Attack
๐ง๐พ
lns.bz
2026-01-17 12:06:00
(5 months ago)
Too many 404 requests [BY]
Web App Attack
๐ฉ๐ช
Blexyel
2026-01-17 11:45:37
(5 months ago)
34.11.17.140 - - [17/Jan/2026:11:45:32 +0000] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 " ...
show more
34.11.17.140 - - [17/Jan/2026:11:45:32 +0000] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐ฌ๐ง
tib-admin
2026-01-17 11:42:05
(5 months ago)
WordPress install sniffing: "GET /admin//wp-includes/wlwmanifest.xml"
Hacking
Web App Attack
๐บ๐ธ
LotPhantom
2026-01-17 11:32:19
(5 months ago)
34.11.17.140 - - [17/Jan/2026:11:31:20 +0000] "" 400 0 "-" "-" "0"
34.11.17.140 - - [17/Jan/2026:11: ...
show more
34.11.17.140 - - [17/Jan/2026:11:31:20 +0000] "" 400 0 "-" "-" "0"
34.11.17.140 - - [17/Jan/2026:11:31:20 +0000] "" 400 0 "-" "-" "0"
...
show less
Hacking
Web App Attack
Anonymous
2026-01-17 11:21:38
(5 months ago)
Failed Wordpress Logins
Web App Attack
๐ง๐ช
cmbplf
2026-01-17 11:20:50
(5 months ago)
24.450 requests with url.path */xmlrpc.php
1.220 requests with url.path */wp-includes/wlwmanifest. ...
show more
24.450 requests with url.path */xmlrpc.php
1.220 requests with url.path */wp-includes/wlwmanifest.xml
show less
Brute-Force
Bad Web Bot
๐บ๐ธ
kosada.com
2026-01-17 11:09:37
(5 months ago)
Web vulnerability probing: //wordpress/wp-includes/wlwmanifest.xml
Web App Attack